Home/Tag:Cybersecurity

Cybersecurity

Tech Talk: How to Develop an IT Strategy for 2019

5 Things to Consider When Developing Your 2019 IT Strategy

At this time of year many of our clients are finalizing their budgets and plans for the coming year. Part of our job at TechMD is to help them develop and implement a sound IT strategy that aligns with their business objectives. With that in mind, here are 5 things you should consider while developing your IT strategy for the coming year.

1) Develop a technology mission statement.

Consider how you want technology to support your organization’s goals. The basics like email and file storage are similar in all organizations but what you need to figure out is the unique way you want your technology to impact your specific business. In general, you need to determine where your company is going and how technology can help take you there.

2) Perform a technology SWOT analysis.

This is where you outline your company’s technology related strengths, weaknesses, opportunities and threats. Doing this will help you see areas where technology can help mitigate weakness and threats or provide you with the ability to capitalize on strengths and opportunities. A sober word of caution: just about all organizations should have cybersecurity in their threats column.

3) Review your short- and long-term goals.

Knowing what your organization is working to accomplish will help you think about which technologies are worth investing in and how they can bolster your team to better achieve those goals. The business world is rapidly moving towards cloud technology. If you haven’t considered this already, next year needs to be the year where you consider how the cloud will impact your business. The digital transformation is happening, and your response could make or break your business.

4) Address the training and development needs of your team.

You’ll want to prioritize cybersecurity training for your staff, because they are the number one target for cybercriminals. You’ll also want to consider what new skills need to be learned as you adopt new technologies and how you will educate your employees who utilize those skills.

5) Develop an IT budget.

Many businesses leaders we talk to consider an IT budget an oxymoron; they feel like IT costs are always surprises and investment is always out of control. But with the right focus and team an IT budget can be created and followed. The IT budget should align with your goals and ensure your company can properly invest in the technology you need to run your organization effectively.

The most useful IT budgets are based on a 3-year cycle and provide you with great visibility into the investments required for that time frame. During this process, make sure that you involve your organizations leadership team and stake holders. If you don’t have a C-level IT employee at your company, you may want to look into engaging a company like TechMD or an outside IT consultant to help guide you through the process.

We’d love to help!

If you have any questions about how to build your IT strategy for the coming year, we’d love to help. Please feel free to reach out to us here.

For more information about the cloud and cybersecurity, please check out the links below:

Further Reading

December 13th, 2018|

Cybersecurity Alert: SharePoint Phishing Attack Targets Office 365 Users

New PhishPoint Attack May Be Affecting As Many As 10% of Office 365 Users

Recently we have been seeing a new phishing attack called PhishPoint that is targeting Office 365 customers. In this scam, cybercriminals are inserting malicious links into SharePoint files and then sharing them with potential victims, ultimately allowing them to steal Office 365 user credentials.

This attack is particularly insidious because it bypasses Office 365’s built-in security. Microsoft automatically scans incoming emails for malicious links and attachments, but a link to Microsoft’s own SharePoint Online platform wouldn’t raise any red flags with their system. Because the malicious phishing link is hosted in the SharePoint file rather than the email itself, is goes unnoticed by Microsoft’s email security.

How to Spot A PhishPoint Attack

In a PhishPoint attack, the target will receive an email that looks exactly like the standard SharePoint invitation to collaborate:

an example PhishPoint email

Clicking on the link will automatically open up a SharePoint file. This SharePoint file will contain content that looks like a standard request to access a OneDrive file. However, the link to “Access Document” is actually a malicious URL.

A malicious SharePoint file

Clicking on the SharePoint link to access the document takes the user to a spoofed Office 365 login page. When the victim enters their username and password, their credentials will be recorded and stolen by the hacker.

PhishPoint ultimately leads to a spoofed Office 365 login screen

How Can You Protect Yourself?

Like many phishing attacks, PhishPoint is designed to perfectly imitate aspects of the Office 365 experience in order to lull users into a false sense of security. Here are a few things to keep in mind:

  • PhishPoint emails are unsolicited and usually have a generic subject line like “[name] has sent you a OneDrive for Business file”. If you are not expecting a file share from someone in your office, take the time to verify the email’s legitimacy by calling the sender directly or, better yet, talking to them in person.
  • Many PhishPoint emails attempt to manufacture a sense of urgency by including words like ACTION REQUIRED or URGENT in their subject lines. Don’t let the sense of urgency put you in a hurry—take the time to look closely at emails like this before clicking on them.
  • Always check the URL when you receive suspicious links! In PhishPoint’s case, when you finally make it to the login page, you can tell that it is not associated with the Office 365 domain by looking at the address bar in your browser.

To learn more about how to spot phishing attacks, check out this helpful video. As always, make sure you stay alert and think before you click!

August 21st, 2018|

Tech Talk: Five Essential Steps to Protect Yourself from Cybercriminals

Threats and attack vectors from cybercriminals continue to evolve, and businesses need to stay on top of the changing cybersecurity landscape to ensure their critical business and customer data is protected. On this episode of Tech Talks, Sebastian Igreti discusses five essential steps to keep your business safe from cybercriminals.

July 11th, 2017|

What You Need to Know About the WannaCry Breach

WannaCry Ransomware Causes Global Security Breach

You may have seen the news this weekend: cybercriminals released a new strain of ransomware that can automatically spread itself across all computers in a network. It’s been dubbed “WannaCry” and it’s causing a global epidemic. More than 40 hospitals in the UK were shut down over the weekend. Spanish telecommunications firm Telefonica reported 85% of their systems went down because of the cyberattack. And those are just a few of the victims: this monster has infected hundreds of thousands of systems in more than 150 countries.

This piece of malware is particularly dangerous because it only requires one person to make a mistake: if someone opens a phishing email attachment, it will not only infect their computer but will immediately spread to everyone else’s computer on their network.

The WannaCry Ransomware Payment Window

Each infection demands a $300 bitcoin payment to unlock that computer’s files, leading to massive downtime while breached companies attempt to make payments and wait for unlock keys to come back from the cybercriminals.

Steps TechMD Has Taken:

IT Security has always been a top priority at TechMD. We know there’s no silver bullet when it comes to IT Security, so we have invested in the following layers to protect our clients:

  1. Patch Management: we regularly update computers under our management with the latest security patches, and typically we do this work in the middle of the night while our clients are sleeping. Back in March, Microsoft released a patch to protect against the vulnerability exploited by WannaCry, and our team worked around the clock to deploy the update.
  2. Email Filtering: emails sent to our clients are filtered for spam and malware. We block thousands of emails every day from reaching our clients’ inboxes, helping to reduce the threat from these types of attacks.
  3. Antivirus: all the computers under our support have antivirus software that we install and manage. Our team monitors this critical layer of protection and work tirelessly to keep your antivirus software working and updated.
  4. Training and Awareness: individual users are by far the most important security layer in protecting themselves and their organization. Our weekly training videos and cybersecurity email alerts are helping to educate and train our 6,000 end users.
  5. Backup: we know there’s nothing anyone can do to guarantee security, and that’s why it’s critical that our clients have a robust backup strategy. In case all else fails we will use the backups to recover any lost data and reduce downtime.

In addition to these layers, TechMD has developed hundreds of best practices over the past 15 years. We have a team dedicated to deploying and managing these policies that are critical to keeping our clients safe from cyberthreats.

What Should You Do About This?

We have been working behind the scenes to protect your organization from this breach, but we still need your help. Here are a few things you can do to make sure WannaCry doesn’t infect your company network:

  • Remain Cautious with Email Attachments: be very careful when you get an email with an attachment or a link, especially if the email is unexpected. Opening attachments can immediately infect your computer, and following malicious links can give cybercriminals access to your computer and data. Remember: “When in doubt, throw it out!”
  • Don’t Wait, Alert TechMD: if you think you have been infected, or if you accidentally opened a suspicious-looking attachment in an email, don’t wait! Let us know ASAP by calling 888-883-2463.

For a quick refresher on how phishing attacks work and how to avoid them, check out this One-Minute Wednesday episode:

 


How Can You Protect Yourself at Home?

Although we only support the computers at your office, we want to share some steps you should take to make sure your personal computers are protected:

  • Patch Your Computer: the vulnerability exploited by WannaCry does not exist in Windows 10 however, the vulnerability is present in all prior versions. If you haven’t already done so, make sure your computer is patched with the latest security updates. Please refer to this article from Microsoft for more information.
  • Check Your Antivirus: check to make sure your antivirus software is working and fully updated. If you don’t have an antivirus on your home computer, here’s an overview of the top 2017 antiviruses.

All Quiet at TechMD

Although it’s too early to spike the football, as of today TechMD has had zero reported infections across the 6,000 workstations we manage. Our goal is to make sure your technology is seamless so you can stay focused on your day. That means we’ve made security a top priority, and we will continue working around the clock to respond to the ever-changing threats posed by cybercriminals. All that’s to say: don’t worry, we’ve got your back!

Have a productive week, and thank you for partnering with TechMD!

May 15th, 2017|

Cloudflare Announces Possible Breach of User Credentials

Make sure you change duplicate passwords immediately!

On Thursday of last week, website security provider Cloudflare announced a major security vulnerability affecting their service. This vulnerability has caused sensitive user data to be exposed across a number of popular websites, like Yelp, Uber, and others.

To protect yourself, make sure you are not reusing any passwords on multiple accounts. If you are reusing passwords, we suggest changing them to unique passwords immediately. People often get into trouble when a breach compromises one of their passwords, and they also use that password for their bank account, credit cards, or other sensitive logins.

We know it’s tough to make sure every single password is unique, so we recommend using a tool like LastPass. To learn more about LastPass, check out this article and One-Minute Wednesday video on our favorite password manager. You can also watch the video below:

 
February 27th, 2017|

Cybersecurity Alert: Latest Scam Combines CEO Fraud With W-2 Phishing

Tax season kicks off with W-2 phishing and wire transfer scams

These days, most of us are probably aware of CEO fraud, where cybercriminals impersonate high-level executives and trick employees into wiring company funds to an external account. And you may remember hearing about W-2 phishing during last year’s tax season, where scammers impersonated CEOs to extract employee tax forms from unsuspecting finance employees.

A W-2 Wage and Tax StatementRecently we’ve been seeing these two scams combined into a one-two punch. The IRS has released a security alert warning that scammers have started W-2 phishing much earlier than normal this year. Scammers have already extracted W-2 data from a number of U.S. companies, which have subsequently been used to file fraudulent tax returns. What’s worse is that these scammers are following up on their W-2 scam emails with a second set of phishing attacks, where they send a spoofed “executive” email to someone in the finance department demanding an urgent wire transfer.

“This is one of the most dangerous email phishing scams we’ve seen in a long time,” IRS Commissioner John Koskinen said. “Although not tax related, the wire transfer scam is being coupled with the W-2 scam email, and some companies have lost both employees’ W-2s and thousands of dollars.” A recent Federal Trade Commission report indicated that tax fraud contributed to a 50% increase in identity theft in 2015, and we think the upward trend will likely continue.

What should you do about this?

Most importantly, we suggest you send this email to anyone you feel may be at risk, whether employees, friends, or family. Feel free to modify the email to fit your needs:

[ALERT] Cybercriminals are starting their tax scams early this season! They are now combining two scams into a strong one-two punch. First, they ask you to send them the W-2 forms for all employees, with the email looking like it comes from the CEO or a C-level executive. Next, they follow up with an urgent request to transfer a large sum of money to a bank account controlled by these cybercriminals.

Remember: requests like this should raise a red flag. You should verify that the request is legitimate by calling the sender directly or, better yet, talking to them in person. These scam emails are often pushy and urgent, but don’t be afraid to spend five minutes verifying them, even if it’s the CEO making the request!

To learn more about how to spot phishing attacks, check out this helpful video. Cybercriminals are out in force this tax season, so make sure you stay alert and think before you click!

After educating your team, make sure you report any suspicious emails. According to the IRS, organizations receiving a W-2 phishing email should immediately forward it to phishing@irs.gov with “W2 Scam” as the subject line. Anyone receiving phishing scams or falling victim to one should also file a complaint with the FBI’s Internet Crime Complaint Center (IC3).

If you think your W-2 form has been stolen: you should review the Federal Trade Commission’s recommendations at www.identitytheft.gov or the IRS’s steps at www.irs.gov/identitytheft. If your tax return was rejected because of a duplicate (likely stolen) Social Security number, you should immediately file a Form 14039 Identity Theft Affidavit with the IRS.

Finally, we suggest filing your taxes as soon as you can this year—a fraudulent tax return will be rejected if you beat the cybercriminals to the punch.

If you’re not sure whether your company is protected from the latest cybersecurity threats, we’d love to help you assess your vulnerabilities and then work with you to take action. Click here to make an appointment to discuss your security assessment. And don’t forget to stay safe out there!

February 14th, 2017|

Five Tips for Shopping Securely Online

Shop Smart and Secure This Holiday Season!

Christmas is just around the corner, and while you might have all your shopping done already, most of us are still looking around for the perfect gift! And like many people, you’ll do a good portion (or even all) of your shopping online.

However, is your financial data protected? Have you taken the proper measures to make sure your online purchases are protected? Finding the perfect gift may be stressful, but cybersecurity doesn’t have to be too—here are a few tips for staying safe while shopping online:

#1: Create Secure Passwords

    Checking out online can be a tedious process. You often have to sign-up for an account, fill out your name and shipping information, and choose a username and password to log in to your account.

    A crucial part of this process is making sure you choose a secure password. While choosing a password you’ve already memorized is often the easiest route, it is not the safest way to do things. If a cybercriminal breaches an online vendor and gains access to your username and password, they will test those login credentials against more sensitive websites, like you bank or credit card.

    The best way to prevent this is to use a different password for every website. This can quickly become overwhelming—to manage all those passwords, we highly recommend our favorite password management tool: LastPass.

#2: Shop on a Secure Website

    Shopping on websites through a secure HTTPS connection is one of the most important things you can do to stay safe during the holiday season. A website with HTTPS enabled means that any information you submit will be encrypted rather than being sent over the network in plain text. This helps keep you protected from cybercriminals intercepting and stealing your credit card data.

    One way to tell if a website is secure is to look for a padlock icon to the left of the website address in the navigation bar, and “https” at the beginning of the web address. Most common web browsers, including Chrome, Firefox, and Safari, will display this icon.

    The Firefox navigation bar showing a secure connection

    You can learn more about secure HTTPS connections here.

#3: Avoid Shopping on Public Wi-Fi Networks

    Public wi-fi networks are convenient, allowing you to browse the internet for free while on the go. However, public wi-fi networks are rarely secure, and purchasing gifts or logging into online accounts while connected to one can be a huge risk. Any data sent through a free public connection is vulnerable to being observed and captured by malicious cybercriminals.

    If you’d like to learn more about some best practices for browsing on public wi-fi networks, don’t miss our One-Minute Wednesday episode on wi-fi security!

#4: Just Say No to Unsolicited Email Offers

    Getting deep discounts on your purchases is always exciting, but you should be wary of any email offers coming from stores you don’t commonly shop with. This is a big red flag that could indicate a phishing attempt.

    Scammers often send out emails posing as online shopping outlets, tempting consumers to click on malicious links with “can’t-miss” deals and offers. Clicking on these links will allow cybercriminals to steal any information you submit, including usernames and passwords as well as credit card data. If you’ve received a suspicious email like this and have clicked on the link, close the window and type in the online store’s web address directly, just in case.

    To learn more about phishing scams and how to spot them, check out our One-Minute Wednesday episode covering the Target Data Breach.

#5: Use a Credit Card, Not a Debit Card

    Even if you follow all the best practices outlined above, there’s always a small chance that your financial data will be compromised. Because of this, it’s a smart idea to use a credit card rather than a debit card for online purchases, since most credit cards are covered with fraud protection and credit card companies are incentivized to resolve any fraudulent activity quickly.

    Fraudulent activity on your credit card is also better for you because there’s no immediate impact to your cash flow—if someone steals $1000 from your checking account, you’re out of luck until you get it back. But if someone charges up $1000 on your credit card, you aren’t obligated to pay off the charges while you wait for them to be reversed.

Above all, Christmas is a time to celebrate and enjoy your loved ones. Avoid having to worry about your cybersecurity and privacy during the holiday season by following our tips and tricks above.

December 8th, 2016|

Yahoo Announces Largest Security Breach of All Time

the Yahoo sign at company headquarters

On Thursday, Yahoo announced a massive security breach involving user account credentials for its services.

According to Yahoo’s investor relations page, “a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor”. The account information in question includes names, email addresses, passwords, birthdays, telephone numbers, and some potentially-unencrypted security questions and answers”. Yahoo says it does not believe any credit card or bank account information was included in the breach.

Initial accounts from Yahoo indicate that at least 500 million user account credentials were stolen, making this the largest security breach of all time. If you use any of Yahoo’s services, we strongly recommend changing your password and security answers as soon as possible.

To learn more about creating strong passwords and protecting them from hackers, check out our One-Minute Wednesday episode by clicking here or watching below:

 


You can watch our One-Minute Wednesday episode on LastPass here.

See below for the full message from Yahoo’s investor relations page:

A recent investigation by Yahoo! Inc. has confirmed that a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor. The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers. The ongoing investigation suggests that stolen information did not include unprotected passwords, payment card data, or bank account information; payment card data and bank account information are not stored in the system that the investigation has found to be affected. Based on the ongoing investigation, Yahoo believes that information associated with at least 500 million user accounts was stolen and the investigation has found no evidence that the state-sponsored actor is currently in Yahoo’s network. Yahoo is working closely with law enforcement on this matter.

Yahoo is notifying potentially affected users and has taken steps to secure their accounts. These steps include invalidating unencrypted security questions and answers so that they cannot be used to access an account and asking potentially affected users to change their passwords. Yahoo is also recommending that users who haven’t changed their passwords since 2014 do so.

Yahoo encourages users to review their online accounts for suspicious activity and to change their password and security questions and answers for any other accounts on which they use the same or similar information used for their Yahoo account. The company further recommends that users avoid clicking on links or downloading attachments from suspicious emails and that they be cautious of unsolicited communications that ask for personal information. Additionally, Yahoo asks users to consider using Yahoo Account Key, a simple authentication tool that eliminates the need to use a password altogether.

Online intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry. Yahoo and other companies have launched programs to detect and notify users when a company strongly suspects that a state-sponsored actor has targeted an account. Since the inception of Yahoo’s program in December 2015, independent of the recent investigation, approximately 10,000 users have received such a notice.

Additional information will be available on the Yahoo Security Issue FAQs page, beginning at 11:30 am Pacific Daylight Time (PDT) on September 22, 2016.

September 26th, 2016|

Infographic – Traditional Backup vs Business Continuity

A common question in business is “do I back things up myself or let someone else handle it?” Let this infographic settle the debate once and for all by giving you the truth on data backup!

Click the image to learn the full story!

Traditional-Backup-vs-Business-Continuity-Top

November 24th, 2014|