Do IT security terms like “phishing” and “intrusion protection” sound extremely foreign to you? If so, it’s time you familiarize yourself with these and other common cybersecurity terms. By learning these basic concepts, you’ll be more aware of the depth and scope of online dangers and, hopefully, be better prepared to deal with them.

Malware

For a long time, the phrase “computer virus” was misused to refer to every type of attack that intended to harm or hurt computers and networks. The more appropriate term for these harmful programs and files would be “malicious software” or “malware.” Whereas a virus is a specific type of malware that is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as malware.

Ransomware

Don’t let all other cyberthreats ending in -ware confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is “ransomware,” which is malware that encrypts valuable data until a ransom is paid.

Intrusion prevention system (IPS)

There are several ways to safeguard your network from malware, but an IPS is quickly becoming one of the nonnegotiables. An IPS sits inside your company’s firewall and looks for suspicious and malicious activity that can be halted before it can exploit or take advantage of a known vulnerability.

Social engineering

Not all types of malware rely solely on fancy computer programming. Experts agree that the majority of attacks require some form of “social engineering” to succeed. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or protected information. For cybercriminals, complicated software is totally unnecessary if they can just convince potential victims that they’re a security professional who needs the victims’ password to secure their account.

Phishing

Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of defrauding people using an app or a website that impersonates a trustworthy or often well-known business in an attempt to obtain confidential information. Just because you received an email that says it’s from the IRS doesn’t mean that it is. Don’t take such emails at face value — always verify the source, especially if the emails are requesting your sensitive data.

Antivirus

Antivirus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well-known malware variants.

Zero-day attacks

Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to fix the gap in security. However, if cyberattackers release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.

Patch

When software developers discover a security vulnerability in their programming, they usually release a small file to update and “patch” this gap. Patches are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing patches as often as possible, you keep your software protected from the latest malware.

Redundant data

When antivirus software, patches, and intrusion prevention fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that if there is a malware infection, you’re equipped with backups.

Our cybersecurity professionals are always available to impart more in-depth knowledge of the many different kinds of cyberthreats. Get in touch with us today and find out how we can help you with your IT security woes.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business, talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

Decryptors

There are several ransomware decryptors now, thanks to communities of white hat hackers concerned about increasing ransomware attacks worldwide. While some of these decryptors do come with a price, the rest are free or for a minimum donation.

The state of ransomware in 2021 so far

Businesses need to deal with ransomware both from outside and within. On one hand, there are more cybercriminals trying to infiltrate your network. On the other hand, careless and unknowing staff can easily let ransomware enter your network. For instance, employees may be tricked into providing their access credentials in phishing sites, or they may click links to websites that upload ransomware downloaders onto their machines.

The statistics are sobering. Ransomware costs businesses more than $75 billion per year. Over the past two years, ransomware attacks have increased by over 97%. And compared to the first two months of 2017, ransomware campaigns that were initiated from phishing emails increased by 109% in the same span of time this year.
According to studies, there will be a ransomware attack targeting a business every 11 seconds in 2021. That is up from every 14 seconds in 2019, and every 40 seconds in 2016. And the trend is that the rate will continue to increase over the years.

Zombie ransomware is easy to defeat

Not every type of infection is targeted to individual organizations. Some infections may result from self-propagating ransomware strains, while others may come from cyberattackers who are hoping targets become so scared that they pay up before doing any research on how dated the strain is and how to remove it.

No matter what the circumstances of your infection are, always check the following lists to see whether free decryption tools have been released to save you a world of hurt:

Prevention

But even when you can get your data back for free, getting hit with ransomware is no walk in the park. There are essentially three basic approaches to prevent ransomware:

  • First, train your employees about what they should and shouldn’t open when browsing the web and checking email.
  • Second, back up your data as often as possible to quarantined storage. As long as access to your backed-up data is extremely limited and not directly connected to your network, you should be able to restore everything in case of an infection.
  • Finally, regularly update all your software solutions (operating systems, productivity software, and antivirus). Most big-name vendors are quick to patch vulnerabilities, and you’ll prevent a large portion of infections just by staying up to date.

Whether it’s dealing with an infection or preventing one, the best option is to always seek professional advice from seasoned IT technicians. It’s possible that you could decrypt your data with the tools listed above. In reality, most ransomware strains destroy your data after a set time limit, and you may not be able to beat the clock. And even if you do, you probably won’t have the expertise to discern where your security was penetrated.

Don’t waste time fighting a never-ending stream of cyberattacks — hand it over to us and be done with it. Call us today to find out more.

Published with consideration from TechAdvisory.org SOURCE

Managed IT Services

Today’s companies need technology to function. Without it, businesses cannot compete and succeed. But with technology comes the ever-constant threat of hackers and cybercriminals. That’s why small- and mid-sized businesses need to protect themselves with robust cybersecurity solutions managed by IT professionals.

The numbers

According to the Ponemon Institute’s 2019 State of Cybersecurity in Small and Medium-Sized Businesses (SMBs) survey, cyberattacks have increased dramatically. Here in the United States, 76% of companies were attacked in 2019, a significant leap from 55% in 2016. Sixty-nine percent of US businesses reported data breaches in 2019, up from 50% in 2016.

The financial consequences have also increased considerably. The average cost spent by companies because of damage to or theft of IT assets and infrastructure increased from $1.03 million in 2017 to $1.2 million in 2019. Costs due to disruption to normal operations increased from an average of $1.21 million in 2017 to an average of $1.9 million in 2019.

The attacks

Globally, the most common forms of attack on SMBs are those that rely on deception: phishing (57%), stolen or compromised devices (33%), and credential theft (30%). Worse, cybercriminals are targeting SMBs more, with reported attacks having increased from 60% in 2017 to 69% in 2019.

Why managed services?

Partnering with MSPs is the most effective way to prevent attacks and protect your business from malicious threats. MSPs offer a full range of proactive IT support that focuses on advanced security, such as around-the-clock monitoring, data encryption and backup, real-time threat prevention and elimination, network and firewall protection, security awareness training, and more.

And because managed services are designed to identify and fix weak spots in your IT infrastructure, you’ll optimize the digital backbone of your business processes. You’ll have faster network performance, a solid business continuity and disaster recovery strategy, and minimal downtime. One of the best things about managed services is that you get a dedicated team of IT professionals ready to assist you for any technology problems you may encounter. This is much more effective and budget-friendly than having in-house personnel handling all your IT issues.

Being proactive when it comes to cybersecurity is the only way to protect what you’ve worked hard to build. If you’d like to know more about how managed services can benefit your business, just give us a call — we’re sure to help.

Published with consideration from smallbiztechnology.com  SOURCE

365 Phishing Scams

Microsoft is a known provider of top-tier business productivity software — and its commitment to its subscribers’ cybersecurity is integral to that reputation. To fight phishing, one of today’s most prevalent cyberthreats, the tech titan has equipped Microsoft 365 with powerful features.

Among the many business solutions that Microsoft offers is email hosting through Outlook. This service is protected by Microsoft Defender for Office 365. Defender has many key features:

1. Anti-phishing

The most dangerous types of phishing scams masquerade as emails from a party the victims know, such as their boss, colleague, business partner, or bank. A phisher may use crafty impersonation tactics, such as referring to the victims by their nickname, making it harder to immediately identify the scam as fraud. A cybercriminal may even take over actual email accounts and use these to completely fool their victims.

Using machine learning, Defender builds a contact graph of the people each user normally exchanges communications with. It then employs an array of tools, including standard anti-malware solutions, to differentiate good from suspicious behaviors.

2. Anti-spam

Generalized phishing campaigns utilize spam emails, which are sent to a large list of email addresses, to catch random victims. Stopping spam is, therefore, a great start to protecting your company from a phishing attack.

Microsoft 365’s anti-spam technology addresses the issue by examining both an email’s source and its contents. If an email is determined to have come from an untrustworthy source or has suspicious contents, then it is automatically routed to your spam folder. What’s more, this feature checks the activity of people in your company to ensure that none of them sends out spam emails.

3. Anti-malware

Malware, such as ransomware and spyware, can spread via phishing emails. Ransomware locks data and programs from users until a ransom is paid. Spyware, on the other hand, steals data by recording keystrokes, copying clipboards, and taking screenshots, among other methods.

Microsoft 365 employs a multilayered defense against both known and unknown types of malware. This covers the different stages of email transmission, including filtering potentially harmful attachment formats, and real-time threat response. Microsoft also regularly deploys malware definitions to keep its defenses updated.

4. Safe Attachments

Some phishing emails contain file attachments that infect your computer with malware. Any email attachment should be handled with caution, but it’s not uncommon for some users to accidentally click on one, especially as they rush through the messages in their inbox.

Defender resolves this issue by opening all attachments in a sandbox first. This sandbox is an isolated environment, so even if the attachment contains malware, it would not affect your system. While in the sandbox, the attachment is meticulously scanned. If it’s clean, Microsoft 365 will allow you to open it as normal. If it contains a threat, the service will notify you of the issue. Microsoft uses some of the information collected by Safe Attachments to further improve the feature’s capabilities.

5. Safe Links

Instead of attachments, some phishing emails contain URLs that lead to websites — often spoofed versions of legitimate websites — that require victims to provide their personal information such as their account credentials. Some of these URLs lead to download pages that infect your computer with malware.

In a process called URL detonation, the Safe Links feature protects users by scanning the links in their emails and checking for malicious behavior, such as the transmission of malware. If the link leads to a malicious website, Defender will warn users not to visit it. Otherwise, users can proceed to click and go to the destination URL without a hitch. But even so, the service will rescan the link in the succeeding days and report any suspicious changes.

What’s great about Safe Links is that it doesn’t just scan links from unfamiliar sources. It also scans links in emails from people within your company and works on files uploaded to Microsoft Teams and SharePoint.

6. User Submissions

Microsoft 365 allows you to designate a specific mailbox to receive emails you deem a threat. The User Submissions feature lets you set criteria for both malicious and safe email and identify mailboxes besides your spam folder to keep these messages in. This feature gives your administrators greater control over which emails to flag and which to report to Microsoft.

7. Enhanced Filtering

If your company uses third-party services to route emails before they are sent to Microsoft 365, you will benefit from Enhanced Filtering for Connectors. Microsoft 365 uses inbound connectors to determine the trustworthiness of email sources. The more complex your routing scenario is, the more likely that an email’s inbound connectors will not reflect its real source.

Enhanced Filtering preserves authentication signals that may have been lost over the course of routing emails. This maximizes the effectiveness of Microsoft 365’s overall filtering capabilities, helping it detect spam and phishing emails.

If you need an email service that promotes efficiency while protecting your business, we can implement and manage Microsoft 365 for you. Just call us today to get started.

Published with consideration from TechAdvisory.org SOURCE

Data breaches are serious problems with business-crippling results. Some organizations are unaware of the multiple ways cybercriminals can attack and are often unprepared to combat the issues that arise when such activities occur. Others let fear of attack control their response and deploy common solutions that they presume will protect them but may later find themselves compromised because of gaps in their data protection approach.

Cybercriminals thrive on both of these scenarios, using lack of preparation or overconfidence in what was deployed to their advantage.

In this eWEEK Data Points article, Index Engines Vice-President Jim McGann offers valuable industry information about how to thwart the possibility of succumbing to a ransomware attack. Enterprises should implement the following five defensive strategies:

Data Point No. 1: Deploy a real-time malware detector.

Cybercriminals are looking for the path of least resistance when attempting to break into data centers. Whether it is a remittance of old attacks hoping to find an unsecure target or one of the many new threats created each day hoping to infiltrate a system before they’ve been identified, having one of the commercially available anti-malware software protection solutions deployed is an important first line of defense. Ensure that the software is scheduled for frequent system scans, and that updates and patches are installed automatically to minimize protection gaps.

Data Point No. 2: Deploy a backup solution that supports full-content analysis of your data.

Many backup products on the market today have some level of analytics functionality to determine whether any particular data has been corrupted. However, many of these solutions are metadata-only based, only looking at basic information about a file or database. Others use metadata analytics on the first pass and then follow up on suspicious results with content-based analytics. But this approach is flawed and can miss more sophisticated attack vectors, providing a false sense of confidence. A comprehensive content-based analytic scan deployed from the start validates the data’s integrity and delivers the high level of confidence that advanced or hidden attacks are found and neutralized.   
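
The difference between the two approaches, as an added example (not from the original article and not any vendor's implementation): a metadata-only pass compares file names and sizes between two backup snapshots, while a content pass measures the byte entropy of each file. The snapshot contents, file names, and thresholds are constructed assumptions.

```python
import hashlib
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: roughly 4-5 for plain text, close to 8 for encrypted data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def metadata_scan(previous: dict, current: dict) -> set:
    """Metadata-only pass: flag files that vanished or changed size by more than half."""
    flagged = set()
    for name, old in previous.items():
        new = current.get(name)
        if new is None or abs(len(new) - len(old)) > 0.5 * len(old):
            flagged.add(name)
    return flagged


def content_scan(previous: dict, current: dict, high=7.5, jump=2.0) -> set:
    """Content pass: flag files whose bytes went from structured to near-random.

    Requiring a jump keeps already-compressed formats (images, archives) quiet.
    """
    flagged = set()
    for name, new in current.items():
        old = previous.get(name)
        if old is None:
            continue  # files new to this snapshot have no baseline to compare against
        e_old, e_new = shannon_entropy(old), shannon_entropy(new)
        if e_new >= high and e_new - e_old >= jump:
            flagged.add(name)
    return flagged


def random_like(length: int, seed: bytes) -> bytes:
    """Constructed stand-in for encrypted or compressed bytes (deterministic)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def run_demo():
    # Constructed sample snapshots: file name -> file content.
    text = b"Quarterly invoice totals for the accounts team.\n" * 100
    photo = random_like(3000, b"photo")
    previous = {"invoices.txt": text, "notes.txt": text[:2000],
                "photo.jpg": photo, "plan.txt": text[:1500]}
    current = {"invoices.txt": random_like(len(text), b"enc"),   # same name and size
               "notes.txt": text[:2000] + b"one more line\n",      # ordinary edit
               "photo.jpg": photo,                                 # unchanged
               "plan.txt.locked": random_like(1500, b"enc2")}      # renamed
    return metadata_scan(previous, current), content_scan(previous, current)


if __name__ == "__main__":
    by_metadata, by_content = run_demo()
    print("metadata-only flags:", sorted(by_metadata))
    print("content-based flags:", sorted(by_content))
```

The metadata pass sees only the renamed file; the file whose name and size stayed the same is caught only by reading its contents.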

Data Point No. 3: Use forensic analysis that includes machine learning.

Because of the efforts of real-time malware detection providers and content-based analytic backup solutions, most cybercriminals have to consistently change approaches in their efforts to infect and attack business operations. What was once a bunch of loosely affiliated opportunists has turned into well-funded and organized syndicates using advanced technologies to re-engineer their attacks. Forensic analysis software that employs machine learning and artificial intelligence as part of its learning can detect patterns and anticipate changes that human-based intervention cannot. The cybercriminals are using ML to their advantage; so should you!

Data Point No. 4: Don’t pay a ransom.

Because of the swiftness and scale of these cybercriminal activities, it is possible that they may still find a way into your computing and storage infrastructure. Human error, falling for phishing schemes or intentional damage from a disgruntled employee can be the gaps that data thieves need to penetrate organizations that have deployed the proper security defenses. As overwhelming as it may be to find out that your data has been compromised and/or encrypted, don’t play into the hackers’ hands by paying a ransom for a return of your business-critical information. It is possible that you may still not recover your data even after paying. The security exploit that was leveraged may still be intact and cybercriminals may re-target your systems. Criminals may see you as an easy mark for having paid the ransom and have reason to come at you again, knowing that you’re willing to pay to get back up and running.

Data Point No. 5: Focus on best practices for cyber-recovery.

Not paying a ransom does not mean that you cannot get your systems back and operational. Nor does it mean that there has to be an excruciatingly long recovery period. The right protection software can turn a ransomware attack into just another disaster-recovery scenario. It can find the most recent clean backup prior to an attack and help recover any lost or infected data. In addition, the right cyber-recovery tool can launch a post-attack forensic discovery to find the breach and the malware that executed the attack in order to guide the post-attack recovery process and protect against future intrusions.

“Cybercriminals will strike any organization, no matter how big or small, if they feel like there is a good chance of collecting a ransom,” McGann said. “Taking steps to fortify your defenses and ensure fast, efficient recovery in case you do fall victim is paramount for protecting against ransomware in the first place. Criminals want the easy score. Deploying a solution like CyberSense that serves as a safety net against ransomware makes working for a win not worth the time and effort.”

Published with consideration from eweek.com  SOURCE

Through the years, Apple products have shown resistance to different kinds of malware that Microsoft computers weren’t able to dodge. This, however, does not mean that Macs are invulnerable. Here are some threats you should watch out for to keep your Mac protected.

What are the threats that can affect your Mac?

There are several general virus types that hit Apple products, and their effects can range from merely annoying to downright destructive.

1. Adware – Adware are unwanted programs that bombard users with pop-up advertisements. Some malicious adware piggyback spyware onto their deployment protocols, which can record your typing habits with keyloggers and keyboard sniffers, as well as monitor your browsing behavior.

2. Sniffers – Sniffers are usually designed to detect certain words on a webpage and in a person’s typing pattern in order to trigger the keylogger. For instance, when you type your password, sniffers can activate the keylogger to copy the information you type and steal your login details.

3. Trojan horses – Trojan horses can infect both Macs and PCs, and they are often deployed through fake software installers or unsecured updates. They parade as legitimate software that actually contains a nasty surprise once installed. A notorious Trojan horse for Macs is the MacDownloader, which attempts to steal personal data stored in Apple Keychain.

4. Macro viruses – Macro viruses attack computers by running executable code that could take screenshots, format hard drives, corrupt files, deliver more malware, and access webcams and mics. They are triggered when a user opens an infected macro-enabled file, hence the name.

5. Ransomware – Macs held off ransomware for a while, but nowadays, even they can be vulnerable to it. KeRanger was one of the first big ransomware outbreaks for Macs. After remotely encrypting the computer and hibernating for three days, KeRanger would issue a .txt file containing instructions for decryption in return for one bitcoin.

Does your Mac have a virus?

Now that you know what kinds of viruses and malware your macOS could be affected with, here are some ways to tell if your Mac is infected with one:

1. Pop-up ads – If you’re seeing more pop-ups on your computer than usual, your computer is probably infected. An unusual amount of banner ads and pop-ups may mean that your computer is due for an update and/or a virus scan.

2. Slowness – Mac users fear one thing above all: the spinning wheel of death. This little rainbow-colored spinning cursor wheel indicates that the computer is having trouble processing at usual speeds. This slowness can often be caused by overwhelming requests from simultaneous processes — likely of dubious origin — running in the background.

3. Browser issues – Viruses sometimes do weird things to Safari or Firefox such as change its homepage or redirect a preset landing page to a site you’ve never seen before. If your browser starts behaving oddly, crashes regularly, or is often unresponsive, your Mac might have a virus.

Computer security is a matter of importance no matter what operating system you use. Reach out to our experts for an assessment of your network today.

Published with consideration from TechAdvisory.org SOURCE