The Top 5 Hacks of 2021

The Top 5 Hacks of 2021

As technology becomes an integral part of any business, they become more vulnerable to cybercriminals. Therefore, it’s essential to understand that cybersecurity is inevitable as you take your business to the online world. From ransomware attacks to the exploitation of business vulnerabilities, 2021 saw some high-profile hacks that crippled the operations in big companies.

As Wired experts put it, 2021 was the year of ransomware, data breaches, surveillance, and more attacks as criminal gangs became more aggressive. As a matter of fact, anything operating online is a target. Hackers are always looking for ways to make money or have fun by exploiting weaknesses in your systems. Let’s analyze the top 5 hacks in 2021 and what you can learn from them.

1. THE COLONIAL PIPELINE RANSOMWARE ATTACK

In early May 2021, Colonial Pipeline had the most significant cyberattack. Darkside hackers infiltrated their systems, stealing over 100 gigabytes of data and threatened to release it. That forced the largest oil and gas company to temporarily suspend its operations to contain the malware. That not only caused a fuel crisis but also panic in the whole Southeast region. Colonial Pipeline was forced to pay a ransom, but the damage caused was irreversible.

2. TWITCH DATA DUMP

Even though hackers mainly target government and financial institutions, entertainment companies aren’t safe either. In October 2021, an anonymous hacker shared around 126 GB of Twitch data, including its source code and history. The hacker also exposed the company’s confidential documents and the personal information of its users. Most Twitch accounts were compromised, forcing users to change their login information to avoid having their data going public. The hacker attacked Twitch to disrupt its operations and give its competitors an advantage.

3. CNA RANSOMWARE ATTACK

  1. Many companies use this tool for company meetings. It is easy to record the meetings you hold and have files available for later viewing for those who may have missed the gathering. You can easily post these files to a SharePoint site via Microsoft Stream, another program in Office 365.
  2. Gone are the days when you have to collaborate with teams just via email. Teams are a great way to share documents being worked on via SharePoint, as well as receive updates on changes and progress. This cuts down on the amount of emails exchanged in team settings as well.

4. KASEYA VSA RANSOMWARE ATTACK

Hackers exploited a vulnerability in VSA, a software developed by this giant IT service provider company. This attack affected more than 1000 companies, adding to the most significant ransomware attacks so far. These were mainly government agencies and businesses providing IT services. The attackers demanded a $70 million ransom for the decryption of the company’s frozen files. Even though Kaseya managed to restore the IT infrastructure of its clients, the damage caused was devastating. Apart from causing widespread downtime, it led to a Swedish supermarket chain closing and negatively impacted the United States-Russia relationship.

5. JBS FOODS ATTACK

JBS is the largest provider of beef and pork in the US. Its attack shows that hackers do not choose which companies or businesses to attack. In May, JBS suffered a ransomware attack that crippled its operations. They paid an $11 million ransom to regain access to their systems. What caused the attack remains unclear, but the company had to produce an enormous ransom in Bitcoin to the hackers to get the decryption key.

NO ONE IS SAFE: PROTECT YOUR BUSINESS

Hackers are not picky — they strike at the slightest chance. Cybersecurity is vital whether your business is in food, tech, insurance, or any other industry. These 2021 hacks should be a wake-up call for you to comprehensively protect your business from any cyberattack whatsoever. Cybersecurity is a problem affecting both small and large companies, creating the need for organizations to take it seriously and invest their resources in protecting their systems. Imagine paying millions or losing crucial data to hackers? That isn’t good for business.

Let ICS Data help keep your systems secure, protect your company’s data and avoid falling victim to cyberattacks. Talk to our experts for any IT-related information and services. We can help you protect your business from hackers.

Stay Clear of Hackers This Thanksgiving Weekend

Stay Clear of Hackers This Thanksgiving Weekend

According to pcmag.com, “U.S. Warns Hackers Will Try to Strike During Thanksgiving Weekend“. Moreover, US cyber authorities are urging companies, especially operators of critical infrastructure, to shore up their defenses during the coming holidays.

IT’S ALL ABOUT TIMING…

The root cause of the prediction is entirely based on employees being out for a given period of time, leaving technical infrastructure alone. They also state, “Recent history tells us that this could be a time when these persistent cyber actors halfway across the world are looking for ways—big and small—to disrupt the critical networks and systems belonging to organizations, businesses, and critical infrastructure,” the agencies said.

Ultimately, the authorities are nervous about hackers spreading ransomware to a victim’s network. As you may know, the idea behind ransomware is to cripple your files so that you have little to no access – to which hackers request a “ransom” (money) to open your network back up to you. And of course, there’s always the sweat about having your employees personal data, files, and the businesses most confidential information stolen.

“There haven’t been any specific events made by hackers thus far, but authorities also have noticed these attacks coming during holidays or weekends”, the agencies said.

As a result, the ongoing issue has prompted the Biden administration to make fighting ransomware a national security priority.

With that being said, we recommend your company take action to protect yourself against smaller, minor acts of ransomware and attacks from hackers. It’s only becoming more popular, and the time to protect your company’s assets is now. Get ahold of us today to see how we can help.

What You Need to Know About the Facebook Outage

What You Need to Know About the Facebook Outage

A few days ago, there was an interesting series of events that caused a Facebook outage. According to Facebook Engineering, “their teams learned that configuration changes on the backbone routers that coordinate network traffic between their data centers caused issues that interrupted this communication. This disruption to network traffic has a cascading effect on the way their data centers communicate, bringing their services to a halt.”

So, if you noticed that your Facebook and/or Instagram page was down on Monday, that’s the explanation as to why. In the same article, they provide an apology to “all of the people and businesses around the world that rely on them.” It’s a shame to see communications errors, but as we realize, they sometimes happen to even the largest of giants.

Let’s dive a little deeper into what exactly happened…

THE FACEBOOK OUTAGE EXPLAINED

As baffling as it seems, this did actually happen. Stacked Marketer mentions, “it could have been a deal of a century.”

Because Facebook-owned properties were offline, someone performed some DNS magic on Facebook.com causing it to appear “for sale” on many registrar websites. Twitter’s founder, Jack Dorsey, was one of the first to offer to buy the domain (see image to the right).

ICS Data - Jack Dorsey's Twitter Post About Facebook Outage

WHAT DOES THIS ALL ENTAIL?

It’s true, even the biggest tech companies in the world can have failures that cause catastrophe. That’s why it’s important to understand that live [hot] changes can affect outcomes at any stage of your technological process. Meaning, it’s better to test [stage] processes before doing anything to affect internal measures.

This Facebook outage cost Mark Zuckerberg billions of dollars. Now, we’re not saying that it could cost you that much, but you would lose time, money, and possible assets in the same situation.

Let’s talk today and see what other technical adventures we can help with.

Top Cyberattacks in 2021

Top Cyberattacks in 2021

EMAIL THREATS

SPOOFING

One of the top cyberattacks right now comes from bad actors attempting to impersonate your co-workers and employers. If you’re suspicious of a scammer, don’t reply! They’ll do anything they can to trick you into believing that you’re talking to someone you know and trust, through email and web threats.

Emails contain information that a lot of people don’t pay close attention to. One specific item is the “From” email address. Anther is the email address communicating with your email server where to send your “Reply” to. Both of these can be entirely different, and can alter the state of the “From” field to fool you.

Fortunately, MailShield and The Email Laundry protect you from impersonation attempts where the scammer actually uses the email address they are impersonating in the From field. An example of what that might look like is My Boss<myboss@mycompany.com></myboss@mycompany.com>. When you click Reply, it gets sent to the hidden Reply-To item.

Tip! If you create a new email and type in the To field myboss@mycompany.com, it will go to your boss!

Slightly less dangerous is when they don’t hide their sending address, such as My Boss<scammer@iamafake.com></scammer@iamafake.com>If you receive an email from a coworker that just doesn’t seem right, look for that give away!

PHISHING

Phishing is a very wide spread threat today. There are many types including spear phishing and whaling. Phishing attacks take many forms, but most of them involve posing as someone you know and trust. This can be a person or a company.

A common form of this is an email that claims to be from your server administrator stating that you have emails being held and to click a link and log in to claim them. When you click the link, you may be taken to a site that is made to look like the one you expect and be prompted to log in. You will have just given away your email password.

There are a number of account types that are targeted in this way. Imagine if your bank sends you an email saying click here to handle this urgent matter! You might think, “Uh Oh! I better do it right away!”. This is how your accounts can become compromised. Don’t trust the link, and don’t trust the button!

SPEAR PHISHING

Spear phishing is targeted phishing. This is when a specific individual, or a whole company, is targeted by phishing emails. Generally, the bad actors will start by obtaining as much information from the company’s website as they can. This includes any email addresses listed, as well as the names of any contacts that arelisted on the site. Once this is done, they often implement spoofing techniques.

WHALING

Whaling is the term used when the phishing methods are targeting the senior executives and other high profile targets. It is a specialized form of spear phishing. Generally, once the scammers have obtained enough information about a company, they will pose as the CEO and request a purchase, or a funds transfer. Usually, the purchase will be some kind of gift card and they will ask for the numbers once the purchase has been made.

WHAN YOU CAN DO!

There are some basics things that will help keep you safe from many, if not all, email threats. The first is to utilize an anti-spam service. There are some habits that you should get into that will also help keep you safe.

AS AN INDIVIDUAL…

  • Remember the From field of an email doesn’t always show who actually sent it or who will get the Reply!
  • Remember the Reply-To hidden item? Click New or Compose instead of Reply if you are suspicious. Then you know who you are sending to!
  • If anything about an email seems out of place, be suspicious!
  • If a known and trusted contact sends an attachment or shares a document that seems unusual, DON’T OPEN IT! Find an alternative method to confirm they sent it. Phone or face to face is best.
  • Only use the method of logging in to online accounts that you normally use. If there is an issue, there should be a notification waiting for you. If you get an email saying there is an issue with your account, don’t click the link.
  • Set up multi-factor authentication (MFA) when possible! MFA makes logging a little more of a hassle but the security benefit is enormous!

AS A COMPANY…

  • Establish policies! Set and follow rules on fund transfer and purchase requests via email. Phone or face to face confirmation is best, but even clicking New can help here. Except if the requesting email address was compromised…
  • Establish protocols. When you begin doing business with another company ask them if, and how, they send documents via email. Include
    • Is it an attachment? Or a shared online document?
    • What type of document?
    • What email address will it arrive from?
    • Are they sent on a schedule?

WEB THREATS

PHONE SCAMS

There are two ways you might be targeted by a phone scam. You might get a call from someone claiming to be a Tech working for Microsoft, or perhaps another well known maker of software. The Tech will then tell you they have detected that there is a problem with your computer and that you need to give them remote access to fix it. Hang up!

You may also suddenly receive a pop up while browsing the internet. The pop up will claim that a virus, or other “Urgent” problem has been detected and you will be urged to call a number provided so that you can be assisted.

The results of allowing a remote connection are usually, but not limited to:

  • Installation of malicious software that can steal sensitive data. This includes passwords, credit card information, email information, and any other confidential information stored on your device.
  • Permanent lock out from your device making future data access impossible without reinstalling the operating system. Worse yet, they may encrypt the data.
  • Inevitably, they will charge exorbitant amounts to “fix” the problems that they just caused.

The pop up may sometimes lock up your browser and prevent you from closing the page. In this case, you can:

1. Press CTRL , ALT , and the DELETE keys on your keyboard.

2. Select ‘Task Manager’

3. You will see a list of running applications. Select the browser you are using and press the DELETE key, or click the ‘End Task’ button.

5 Things to do Right Now to Prevent a Ransomware Attack

5 Things to do Right Now to Prevent a Ransomware Attack

1. GET A BACKUP AND DISASTER RECOVERY SOLUTION

In today’s world, backing up your data may seem easy, but if you attempt to restore it yourself, you may risk downtime, man hours, resources, and many other factors. By creating a disaster recovery plan, you have a concrete solution in place to ensure these negative situations don’t occur.

If a ransomware attack does occurs, but you’ve backed up your data, you’ll rest easy knowing that there’s a solution moving forward.

You may run into situations like Colonial Pipeline Co.’s (CPC) recent ransomware attack. Cyber criminals locked everything, threatened to leak it to the internet, and shut their entire business down. They requested a ransom of $200,000 to $2 million.

👉 Need your data backed up? We’re here to help.

2. INVEST IN SECURITY AWARENESS TRAINING

Ultimately, hackers rely on the “human element” more than any other factor to gain access to your information. Meaning, when one of your employees clicks on a link they shouldn’t, that’s the best time for hackers to act.

Of course, no one has the intention of doing so; however, they probably don’t think as seriously about IT security as you may.

Investing in security awareness training will help create a culture of vigilant employees working to identify and avoid malicious links, phishing emails, and dangerous behavior.

ICS Data - Computer Hygiene and Maintenance

3. FILTER YOUR EMAILS

Learning to prevent phishing is one of the most important ways to protect yourself from a ransomware attack since most ransomware is distributed through email.

Implementing an anti-spam filter is one of the most efficient ways of filtering out any potential unsafe and unwanted emails.

Watch out for business email compromise, don’t click ads, keep an eye out, and always check the sender’s domain.

ICS Data - 5 Ways to Prevent a Ransomware Attack

4. INSTALL ANTIVIRUS AND NEXT GENERATION FIREWALL

Installing an antivirus protects your endpoints (computers, servers, etc.) and your firewall protects your entire network by filtering incoming and outgoing network traffic based on your organization’s security policies. Having these pieces in place will prevent your risk of ransomware attack.

5. TAKE YOUR PROTECTION AGAINST RANSOMWARE TO THE NEXT LEVEL

If you want to make sure that your disaster recovery plan is correct, that your firewall is top-of-the-line, and that your employees are well-trained to avoid getting phished in the first place, then you should consider working with a proven IT security company.

We’ll help you find the solutions that match your budget and requirements – ensuring you pay for the correct amount of security you need. Then, we’ll analyze your current security measures and suggest ways of improving.