immune

No One Is Immune

immuneDo you remember when the Ebola virus caused world-wide panic a few years ago? The killer virus appeared to be out of control and there wasn’t enough supply of vaccine or enough time to distribute it.

Like the script from a sci-fi horror flick, “No one is immune! Ebola is coming to get you!”

Of course, there were those who believed that it could never happen here. There always are. They are the ones who won’t get a flu shot then wonder how they got the flu several months later.

Real World – Virtual World – Same Problem

The same irrational thinking prevails in the virtual world. Even though, as we have cited before, more than 60% of small businesses have been victims of cyberattacks, the other 40% still think they are immune.

But, according to a recent article in TechTalk, the size of the business is not the only reason some businesses have a false sense of security. The article noted that some corporate enterprises feel that their systems are safe because they operate using a different system. In particular, the misconception is alive and well amongst users of Linux, Ubuntu, and iOS.

The assumption is that “users believe Linux, Ubuntu and iOS are more secure because in most malware cases, Windows users are the victims. Although it is true, Windows PCs are highly targeted, this is only because of their large market share. . .  hackers can cast a wider net when targeting Windows PCs than if they were to target Linux, Ubuntu or iOS.”

That sounds like the small business owners’ reasoning that they won’t come after me because I’m too small. Not only wrong, but proven wrong.

It is also becoming abundantly clear that Linux, Ubuntu, and iOS system have been under attack. They just haven’t grabbed the headlines. Yet.

The first rule of thumb in any security business is never assume you are safe from attack. That goes for cybersecurity, too. The faster technology grows, the more we are exposed to security breaches. It doesn’t matter what size your business is – or what operating system – you use. Your technology needs to be guarded.

Guarding your technology is what we do. We work diligently to keep you aware of potential dangers and how to take a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

the state of ransomware

Why Small Businesses Should Be Very Concerned About Ransomware Attacks

the state of ransomwareIf you are thinking, “Oh, no. Not another article about ransomware,” you need to read the rest of this report.

CNN broadcasted a segment on July 27, 2017, informing viewers why small businesses in particular should be very concerned about potential ransomware attacks. The broadcast stemmed from the release of the “Second Annual State of Ransomware” study conducted by Osterman Research.

The Damage Is Often Worse Than the Ransom

In an earlier newsletter we shared the pervasiveness of ransomware. No one is immune from ransomware attacks.

The common mindset of small business owners is that ransomware protection is a priority for major enterprises as opposed to SMBs.

As it turns out, small businesses are at great risk and, proportionately, have much more to lose, according to the Osterman data. The greatest potential for SMB loss is not the ransom itself, but the damage resulting from the intrusion.

  • 16% of SMBs experienced operating downtime of 25 hours or more. Some were hobbled by more than 100 hours of downtime.
    • 93% of those (15% overall) suffered a loss of revenue due to the downtime.
  • 22% of SMB victims of ransomware attacks were unable to recover and subsequently had to close their doors.

Small Businesses Lack Adequate Reserves

“Cash reserves” is a standard business term that is seldom heard in the SMB realm. Small businesses typically operate on a small amount of capital. It is rare when small businesses include cash reserves in their budgets. The cash reserves set aside by their larger “cousins” do not make them less vulnerable to ransomware attacks, but they do help to mitigate the consequences of the aftermath of an attack.

Small Businesses Lack Adequate Resources

According to the report,

  • 27% of SMBs could not identify how their systems were accessed.
  • 33% reported the malware infection had spread to multiple network devices before being detected.
  • 64% of attacks in the U.S. were perpetrated by infected email attachments or links.

Small businesses seldom have the IT infrastructure of corporate discipline to ensure that their systems are adequately protected and that their employees are complying with company rules regarding internet security. For a variety of legitimate reasons, many SMBs do not have a disciplined way of keeping their digital security up to date.

Guarding your technology takes an awareness of potential dangers and a few, common-sense steps to ensure the safety of your data and devices, not the least of which is having regularly-scheduled system and software audits by digital security professionals.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

What in the World Are Hackers Thinking?

hackersWe already know what we think when our digital technology has been compromised by some &^%#$* hacker and her (yes, her!) virus, malware, ransomware, or phishing expedition. We get frustrated and downright angry. Have you ever wondered, what the hacker was thinking or what motivated her? We thought it might help to understand.

A recent report published by Government CIO indicated that,

“Most cyber criminals are motivated by the commission of a crime. It is a psychological issue that defines them as people with some super traits that cause antisocial behavior. Possibly, these people suffer from one or more forms of psychological disorders that seek to gain recognition or personal gain from illegal activities.

Other personality traits exhibited by the cyber criminals include “self-centeredness, grandiosity, callousness, and lack of remorse or empathy for others coupled with a charismatic, charming, and manipulative superficiality.”

Does that give you a warm, fuzzy feeling? We didn’t think so. Perhaps this will help. In late 2016 Digital Endpoint described eight common types of hackers along with some insights into what motives them.

TYPE PERSONA MOTIVATION
White Hat Good guys Companies employ them to test software, websites, and systems from criminal hackers.
Black Hat Guns for hire They get paid for stealing information by the people who want that information. They don’t care about the information per se.
Grey Hat Wolves in sheep’s clothing They test systems, but without permission. When they find a weakness, they try to sell their findings to their victims for a price.
Script Kiddies Trainees They use packaged software to disrupt systems and establish a reputation in the hacking community.
Hactivists Protesters They are employed by governments to gain information and/or attack foreign entities.
State Sponsored Warriors They hack to harass, expose, and exact revenge on entities to which they are opposed.
Corporate Spies Corporate Spies Corporate spies have existed for years. The internet and digital technology are just new tools.
Cyber Terrorists Terrorists They want to “spread fear and create chaos … by causing unrest.”

Did we mention that some hackers are women? Watch this video. It will give you even more insight in what in the world hackers are thinking.

Guarding your technology takes an awareness of potential dangers and a few, common-sense steps to ensure the safety of your data and devices, not the least of which is having regularly-scheduled system and software audits by digital security professionals.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

digital hygiene

Did You Know that Digital Hygiene Can Reduce Cyber Breaches?

digital hygieneDigital hygiene? What’s that?

Digital hygiene is a lot like dental hygiene. A dental hygiene regimen helps to protect our teeth and gums from bacteria, infection, and decay. A digital hygiene regimen is necessary to protect our technology and information against infection from viruses, malware, hacking, phishing and other cyber attacks.

Cyber attacks are just about as stealthy as dental attacks. Most often we don’t realize that we have developed a cavity until it is already too late. The same is true with cyber infections. The best hygiene in either the dental or the digital world is preventive. A 2015 report by Verizon revealed that most cyber attacks are not carried out by a full frontal hacking of a device, but rather by manipulating the humans that operate them.

Digital hygiene requires continual, proactive care.

Just as routine dental hygiene involves care at home and checkups by a professional, so, too, does digital hygiene. Here are 10 important steps we recommend to keep your technology safe.

  1. Be extra careful when asked for personal information in response to emails, phone calls (cell phones are technology too), or web pages. It’s not that sharing is, itself a bad thing. Just be super cautious about what you share and with whom you share it.
  2. Do not respond to online or on-phone demands to run a particular software on your computer.
  3. Do not be afraid of specific online threats of “account closure, disciplinary action, or arrest.” Legitimate businesses do not usually threaten people.
  4. Ensure that all of your software is up to date. You can set your devices to update automatically. (If you are not sure if you should or how you can exercise this option, give us a call at 843-282-2222. We will be happy to help.)
  5. Avoid visiting “suspicious” websites or installing “suspicious” programs.
  6. Think carefully about identifying your location on your mobile devices.
  7. Create strong passwords on all devices – including your cell phone.
  8. Think twice before clicking on attachments or links.
  9. Strengthen your security with two-step verification for access. Click on this link to learn how to use Google account two-step verification. (Did you think twice before clicking on the link?)
  10. Have a regular digital hygiene checkup.

Guarding your technology is best done with regular digital hygiene. It just takes an awareness of potential dangers and taking a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

cyber safety

You Are Most Exposed to Cyber Threats When You Think You Are Not a Target

cyber safetyBack in the last decade of the 20th century, an entrepreneur in Orlando proudly, publicly stated that his business was too small to be a target. Granted, he wasn’t talking about cyber threats, but he was talking about other threats to the security of his business.

He was wrong. Within a matter of months after he boldly blurted out what he believed to be true, his company was the target of litigious attack from a German-based company with over 300,000 employees and annual revenue in excess of $80 billion.

Lesson learned: The size of your business does not exempt it from attack.

This applies, in particular, today when it comes to small businesses and cyber threats. As a recent article in CIO magazine put it, “Believing that their security program is good enough means there’s a good chance they’ll be breached.” The article was addressing small business owners.

Think You Are Immune from Cyber Threats?

Think again. The CIO article described the lack of small business ownership with cyber security issues was akin to them being in a time warp compared to Fortune 100 enterprises. In fact, small business owners should consider these documented facts.

  • “95 percent of IT professionals at small businesses believe their cyber security posture is above average. However, 100 percent of the same respondents also said they could improve their ”
  • Small businesses are the victims of a whopping 4,000 cyber attacks per day.
    • That’s more than 120,000 per month.
    • That’s nearly 1.5 million attacks per year.
  • 75 percent of all U.S. companies have experienced some form of cybersecurity breach in the 12 months from April 2016 to March 2017.
  • SMBs are the target of 62 percent of all cyber-attacks.
  • “60 percent of small businesses are unable to sustain their businesses” for more than six months following an attack.

If you think that last statistic is because those businesses aren’t as well operated as yours, this statistic should put it in a more worrisome perspective. The average cost of a single data breach is $225 per record lost or stolen. For small businesses, the average price of recovery from a cyber-attack is $690,000. (Fast Math: ≈ 3,000 records x $225/record)

Our objective is not to scare you. It is to warn you. When it comes to being the target of a cyber threat, size doesn’t seem to matter.

Guarding your technology does not have to involve elaborate evasive tactics. It just takes an awareness of potential dangers and taking a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

free wifi zone

Internet Security on the Go . . . Going, Gone

free wifi zoneCarrying a laptop, notebook, or other mobile device wherever one goes is so commonplace now that even kids in the backseat have Wi-Fi access to the internet over the river and through the woods to Grandmother’s house. Before you point a finger at the kids, just remember, you started it – and you are carrying your device wherever you go, too.

Because you do, because you need to guard your technology, and because we care, here are a few tips for ensuring your internet security when you are on the go, before your personal information is going, going, gone.

Avoid Public Charging Stations

But, they are so-o-o convenient! Exactly – and therein lies the rub. They are so convenient that they are an attractive, ubiquitous, and convenient tool for hackers. As soon as you plug into the USB port your device and all the data on it is conveniently accessible. For hackers, the practice of Juice Jacking is like taking candy from a baby. Carrying your own portable charger if you expect to need to juice up on the go.

Create and Use a Virtual Private Network

The operative word here is “private.” Your VPN virtually guards your technology while using publicly shared networks. Think of your network as a wire insulated to keep it protected from all of the other wires in the same conduit.

Disable Shared Settings

Don’t leave home without doing this: turn off all sharing enabled on each device accompanying you on the trip. You probably locked the doors to your house when you departed, unless you like to keep them open just in case anyone wants to use it while you are gone. Lock the doors; turn off sharing.

Ethernet as a Business Essential

Your business data and technology is too valuable to expose it to public Wi-Fi access. Avoid Wi-Fi by having a business ethernet, ethernet-enabled mobile devices, and traveling with an ethernet port.

Beware of Bluetooth

You don’t need to worry about Blackbeard pirating your information via Bluetooth, but there are plenty of others who are ready and willing to grab the bounty on your business devices when you least expect it. It’s Bluetooth. It must be secure. Not.

Guarding your technology does not have to involve elaborate evasive tactics. It just takes an awareness of potential dangers and taking a few, common sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

BYOD bring your own device

Why BYOD Makes a Case for Whitelisting

BYOD bring your own deviceTwenty years ago, no one would have imagined employees bringing their computers to work. In fact, twenty years ago, having a company-owned PC on an employee’s desk was considered a status symbol in some companies.

Today, the average person’s cell phone has more technology inside that NASA used to land our astronauts on the moon. What is more, 98% of mobile device users keep their devices within reach 100% of the time – from the bathroom to the boardroom. That’s a lot of technology in the hands of people who are not rocket scientists.

BYOD Makes a Strong Case for Whitelisting

While, on the one hand, employees and companies alike embrace the concept of Bring Your Own Device, it is not without its inherent dangers.

When people bring their own device, any amount a company saves in CapEx for computer hardware, as a result, may potentially be lost by a failure to manage those devices in the workplace.

Advice from INFOSEC

As far back as 2012, the INFOSEC Institute warned businesses about the rising tide of changes that a BYOD culture would generate related to guarding the businesses’ technology. Among their recommendations was:

  • Know who can access your company network and data remotely.
  • Know how your employees’ devices are configured.
  • Clearly communicate your BYOD policies.
  • Audit BYOD activities on a regular basis.
  • Ensure that employee devices are compliant with your IT security policies and government regulations.
  • Control the apps.

Control the Apps

Managing the apps is where whitelisting comes into play. Several of our recent blog posts have addressed the wisdom of whitelisting, including the most recent, “From Whitelisting to Dynamic Whitelisting,” so we do not need to cover that ground again. However, we want to raise your awareness of the efficacy of implementing whitelisting if your business allows a BYOD practice.

We recommend whitelisting to protect both your system, if accessible by employee devices, and to protect their devices as well. You know what they say, “One bad app can spoil the whole bunch.”

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

computer threats

The Top 5 Threats to Your Computer Security

computer threats

A recent publication summarized the Top Five threats to your computer security. Tech Sentries mission is to help you “Guard Your Technology.” One of the ways we do that is by making you aware of potential threats to your computer system.

 

Denial of Service attacks disrupt servers and networks connected to the internet. It doesn’t take a rocket scientist to create the attack. )“Attack Packages” are affordable and readily available on the black market.) However, mitigating an attack typically requires technical experts like Tech Sentries.

Phishing is the practice of sending fake emails or other kinds of bait to you to collect your user information. Phishing is difficult to detect because it looks like so many innocent communications. Aside from collect personal or business information, the biggest threat may be that you become reluctant to share basic information with anyone.

APT threats attack your computer network through the proverbial back door. These attacks use malicious code to gain system credentials, proprietary information, and other data. Malicious codes may sit dormant on your system until detected by a tech security professional.

Cyber-crime Syndicates are like any other criminal syndicates. They don’t just “follow the money.” They are out to get the money. Ransomware falls into this category as does Identity Theft and emptying of bank accounts.

Hacking is an umbrella of multiple types of attacks intended to gain large amounts of enterprise company and customer information. Retail – online or brick and mortar – healthcare, and other businesses with a large consumer base are particularly vulnerable, but they are not the only targets of cyber threats. You and your business could be too.

 

Threat AKA Frequency
Network and Application Attacks Denial of Service (DoS) Very Common
Social Engineering Phishing Common
Advanced Persistent Threats APT Increasing Annually
Organized Cybercrime Cybercrime Syndicates On the Rise
Major Data Breaches Hacking, etc. Constantly in the News

 

Connecting any device to the internet exposes it to potential threats. Security is not a matter of convenience. It is a necessity. Being aware of the threats is a starting point to guarding your valuable technology.

Tech Sentries is always on duty helping you “GUARD YOUR TECHNOLOGY” at all hours of the day and night. Don’t wait. Contact us today. (843-282-2222).

ransomware money

Five Things You Probably Did NOT Know About Ransomware

ransomware moneyOur mission at Tech Sentries is to help you “Guard Your Technology.” Part of helping you to “Guard Your Technology” is to keep you informed about threats to your computer system, like ransomware. We believe that keeping you informed is part and parcel of our commitment to you. We found this insightful information in a recent article in an online tech site.

Ransomware Lesson #1

It can be much easier to steal your business or personal information and hold it ransom than to kidnap someone in your family.

Holding information for ransom may be less lucrative per instance, but the crime can be perpetrated a virtual plethora of times with the potential capability of accumulating a great deal of ill-gotten gain from multiple sources. Although some criminals may take the short path to large sums of cash, the opportunity is now open to treacherous techies who are willing to commit the crime numerous times on a smaller scale.

Just because you are not a big business or personally wealthy does not exempt you from ransomware attempts.

Ransomware Lesson #2

Ransomware is not a virus. The computer term “virus” was coined because, like a live virus, it infects your computer files. Ransomware locks your files so that you cannot access them.

Ransomware Lesson #3

You do not have to click on anything in particular to be the victim of a ransomware attack. Although phishing is a method used in some ransomware attacks, it is not, by any stretch of the imagination, the only method of attack.

We always strongly advise our clients to be careful what you click. Understand, however, that this may not make you immune to a ransomware attack. It is, nonetheless, a good habit to develop to guard your technology.

 

Ransomware Lesson #4

You do not have to visit questionable websites to become a victim of ransomware. Although that may make you more vulnerable to attack, the masters of the ransomware craft tend to use the most innocuous of sites to carry out their schemes. Their whole point is to catch the innocent unaware.

Ransomware Lesson #5

You can guard your technology against ransomware. Although traditional antivirus software has yet to provide foolproof protection against ransomware, whitelisting has come to the forefront as one of the best defenses available. Read our recent blog post about whitelisting here. You will understand in more detail why whitelisting is so successful and why you should use it.

 

You should be concerned about ransomware, but you are not alone and defenseless in the computer world. Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

general data protection regulation

Do We Need General Data Protection Regulation?

general data protection regulation

On May 25, 2018, the European Union will update privacy laws for all member nations. How that will affect American businesses and individuals is pure speculation at this point.

You may be asking, “What does the European Union’s General Data Protection Regulation (GDPR) have to do with me or my business?” The answer may lie in the reality of how interconnected we have all become as rapidly-advancing technology compiles unimaginable amounts of personal data and moves it around the globe in the blink of an eye.

A more appropriate question may be, “How long will it be before the GDPR affects me?” That being the case, it is worth noting a few of the highlights of the GDPR.

  • Personally identifiable data may not be stored by any company without that individual’s “express consent.” (Expect this rule to be circumvented by statements like this: “By clicking “NEXT,” you indicate acceptance of our terms and conditions.”)

The inherent problem is that the average person does not read the fine print in the terms and conditions. It is reasonable to expect that those terms and condition will include a clause that says that “acceptance of our terms includes your permission for our company to retain your personal information.”

We Value Our Personal Information Most When It Has Been Stolen

The other inherent problem is that the individual or company on the customer end of the transaction is typically more concerned about completing the transaction than sharing their information. Sharing personally identifiable information is a secondary thought at best.

Five Rights Included in the GDPR

Technically, users/customers in the EU will have five rights of protection available.

  1. They may refuse to allow personal (or business) information to be processed.
  2. They may request access to the data a business has about them.
  3. They may request correction of inaccurate information.
  4. They may request deletion of personally identifiable information.
  5. They may transfer personally identifiable information to another entity.

Another question we ought to be asking about the security of our personally identifiable information, is “How do we know that companies are compliant and our information is protected?” The answer is that we do not. Laws are fine, but they must be enforceable to be effective.

Tech Sentries believes that the primary responsibility for guarding your technology and your data is you. However, we understand that no amount of legislation will protect your data, and we also understand that you cannot protect your data without the latest-greatest-up-to-date security measures. Ensuring your protection is our business. We are your security professionals.

Tech Sentries is as concerned about your computer system security as you are. That is why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

1 2 3