Cybersecurity Awareness Month Highlights

Being that October is Cybersecurity Awareness Month, I thought we would just reiterate some very basic information that most people already know- yet many fail to practice…

Fishing and Phishing

Fishing is the art of dangling bait to catch a meal. Phishing is the art of dangling bait to catch a person. Phishers will impersonate friends, families, companies or authorities and dangle offers or threats to attract attention. Then, when someone takes that bait, the phisher harvests their information or money.

Thanks to the internet, phishing is very common today. Phishers send emails to engage you, asking you to click on a link or download an attached document. Bait includes financial incentives, offers of jobs or prizes, and warnings about needing to pay a bill. The goal is to harvest money and data — or get you to download malware which will infect your system.

Plain old skepticism is your best defense against phishing. Phishers want you to act quickly without questioning what they’re telling you, because their stories usually can’t hold up to closer inspection. Never download unsolicited documents or click on links in emails. 

The Many Forms of Malware

Malware comes in many forms … and many disguises. Variants include computer viruses, worms, Trojan horses, rootkits and ransomware, but it all comes down to the same thing: malicious software invading your machine.

The main purpose of malware is to steal money, data, access and other valuable things. It may be either self-propagating or controlled by a remote attacker, but any form of malware attack on your system will be dangerous for you.

To protect yourself from malware, always use an updated antivirus and firewall. Enable automatic updates so that your system doesn’t miss crucial patches. But you have an important role in protecting your system, too: it’s important to never carelessly download files or permit random programs to run. 

download - 2020-10-05T094729.126

Social Engineering — And All Its Moving Parts

Sometimes, the most powerful tool is a word. Social engineers know that, and they use that tool to bypass all of the automatic protections and preplanned procedures you have in place. A persuasive lie can get an attacker further than a dozen hacking tricks.

Fighting social engineering is all about being skeptical and thinking clearly. Social engineers want you to act quickly and not question what they tell you. They use tactics like sympathy, intimidation, authority and urgency, pressuring their targets to make careless decisions — such as letting them into a restricted area or turning over valuable information.

When you ask questions and treat every request with healthy skepticism, you stop social engineers in their tracks. Ask them: “Can I see some ID?” Or say “I need to verify this with my supervisor.” Refuse to be taken in by a sob story or threats and insist on checking with your boss or the appropriate authorities. 

Your Data is Valuable — Protect It

Thieves coming after your money is easy to understand. But why would someone target your data? 

Many people don’t think of protecting data such as their email address, phone number or personal ID number. But these simple pieces of information are often valuable targets for attackers. All forms of data are valuable in one way or another: a phone number, for example, can help an attacker impersonate someone and search for more connected identity information.

Protect your data and the data of others that you may handle. You can do this by never giving out information to anyone without explicit permission. Knowledge is your best defense: be aware of the different ways attackers can target your data and the various tricks that they use to convince you to hand it over. 

Data Breaches & The Dark Web

Not 'If Your Network Is Breached,' - but WHEN

Data breaches are a REAL threat that you should plan for. Do you take that advice seriously? A lot of businesses don’t, which is alarming since SMBs have a higher susceptibility of being successfully breached, in comparison to larger corporations! There is a lack of knowledge and wherewithal to plan for varying attacks, but you can take small steps to mitigate exposure to the threats before they gain access to your network.

Ask yourself these questions:

–        What monetary value is at stake if my business is successfully is hit with a cyber-attack?

–        Could I detrimentally affect the lives of my customers if their information gets into the wrong hands?

–        Would my business go bankrupt because of an attack?

Think about it this way. When it comes to experiencing a data breach, the odds are as high as 1 in 4. Therefore, you must understand the probability of being attacked, how your business could be affected – and even more importantly, which factors can reduce or increase the impact and cost of your data breach.

You have to compare the cost of preventing an attack versus recovering from an attack. What is the value you put on protecting your network with the most up to date security offerings? Once you have responded to the questions above, this answer should be clear as day.

A good place to start is to see whether your credentials (email and passwords) are on the Dark Web. If you have been compromised, we can assist your business. If nothing turns up, you’ll have peace of mind and can take preventative actions. I would like to offer you. Take the next logical steps to robustly protecting your network!

Is 5G Ready For Primetime?

Is 5G Ready For Primetime?
Is 5G Ready For Primetime?

There has been a lot of hype about 5G. That being said, do you know anyone who is actively using 5G in their everyday life?  Nor do I…. A few of you may have said yes, but that is most likely either a fixed 5G application, or that person has a limited range of travel and of course has a 5G device. Most of us are still waiting and still watching the major carriers talk about how expansive, and fast, their 5G networks are. Maybe our day will come soon?? One of the main reasons for the tone of this paragraph is that we have been hearing about 5G for over 4 years, and in the last 2 years it has been the focus of the top 3 wireless carriers in their advertising.

The 2nd half of 2020 may have been a banner year for 5G, but a nasty virus upended “normal life.” Construction and also the enthusiasm to go out and buy a new expensive 5G device fell by the wayside. So things have slowed, for now, but will eventually be back in place.

In a year or two, though, 5G will be the norm. It will be the foundational technology that supercharges many aspects of our lives. Everything from self-driving cars, virtual reality, remote surgery and most industries. This technology is not just about speed, but also about low latency. Latency for this conversation is the time between us clicking on a link and the time that application responds. That lag time can last around 20 milliseconds with current networks, and around 1 millisecond for 5G. This may not seem like much, but this is a huge deal…ask a serious video gamer or a remote surgeon. Talking over someone will be nonexistent. We will also start to see more remote surgeries….no one wants a delayed reaction there!

The cost for 5G on a monthly basis should run around $10 more, but time will tell as to how competition influences this part of 5G. One of the reasons for keeping the cost low, and for the faster delivery of 5G, is that carriers are now using a spectrum of bandwidth they’ve already had in their arsenal. In order to cover wider areas and to deploy 5G to the masses in a shorter timeframe, the carriers are utilizing their 2.5 GHz spectrum to get a wider coverage area. Even though this will provide slower speeds than the original high-frequency spectrum, it will still be faster than the 4G we have now. Speaking of which, you will be able to continue to use your 4G phone. When you decide to purchase a 5G compatible phone in the future, you will at times still be using the 4G network. It will be years, maybe 10+, before your current 4G phone is completely obsolete. So for now, just listen to the ads and make the switch to 5G/4G when YOU are ready.                

Protection Against Digital Threats

Organizations must have a proactive approach in defeating digital threats. Unfortunately, many businesses focus on IT alone and do not treat cybersecurity as an ongoing process. Although your system may seem secure today, tomorrow a hacker may discover a critical vulnerability.  Although this is an unpleasant thought, we are not in the business of profiting on fear.  As Cybersecurity experts, we work alongside our clients to assist them in implementing the necessary processes and controls. Cyber criminals only need to discover one un-patched flaw in your security armor to launch a full-fledged cyber-attack.

As part of a wider security strategy, organizations should be running continuous vulnerability scans to discover new and emerging cyber threats. Vulnerabilities are almost always found within applications because software is developed by humans and humans make mistakes. To minimize this window of opportunity for attacks, you should be running vulnerability scans at least once a quarter and patching security weaknesses accordingly. You can’t defend your infrastructure if you are not patching vulnerabilities faster than cyber criminals can find them. As part of your strategy, you need to continuously identify and remediate vulnerabilities in your business-critical applications. But how can you do this without putting too much strain on your IT staff?

The answer is simple: CyberGate IT…”Keeping Private Information From Becoming Public”

2020 Winner of Atlanta’s Best and Brightest Companies To Work For

3 Years In A Row!

The Best and Brightest Companies to Work For® competition identifies and honors organizations that display a commitment to excellence in their human resource practices and employee enrichment.

Organizations are assessed based on categories such as communication, work-life balance, employee education, diversity, recognition, retention and more. All participating companies receive a complimentary assessment report and benefits throughout the year. 

The Important Role Of Cyber Security

As technology continues to become more common in the workplace, so too are threats of cyber-attacks on your company. Organizations of all sizes are susceptible to cyber threats, with small and medium sized companies serving as the principal targets. In this now ever-changing online workflow, it is important to understand not only the role of cyber security, but also the impact cybercrime may have on your company if left unprotected.

Why Is Cyber Security Important?

As an employer, you’ll naturally want to protect your company’s sensitive data. But what about the personal information made available from your employees? Credit card numbers, Social Security numbers, emails and passwords. These are all targets cyber criminals look to capture when executing data breaches. With the rise of cloud services now leading the way in storing sensitive data, you’ll want a system that both works for and protects you and your data.

After securing personal information through a series of data breaches spread out over what could be multiple years, hackers stand to make a fortune selling your information on the dark web. The criminals who buy this information often times do so with the intention of stealing identities.

However, identity theft isn’t always the goal for cyber criminals. A cyber-attack may aim to compromise your data integrity. In other words, a hacker may attempt to change or destroy company data in order to create distrust and conflict within on organization. Without the proper means of security, it is only a matter of time before hackers find their way into your most sensitive accounts.

What Is the Potential Impact Of Cybercrime On A Company?

A lack of cyber security could lead to an increase in damage to your company, including:

  1. Attacks to Your Reputation – As mentioned above, hackers have the ability to change or even delete data once infiltrating your system. This could cause consumers to stop trusting your business, a poor media reputation and even a decrease in future business.
  2. Economic Loss – The cost to repair a damaged or breached security system could be quite expensive. Not to mention the theft of intellectual property and corporate information that may have also been stolen by hackers.
  3. Fines – That’s right. If your company were to get hacked and have a client’s sensitive data stolen, you could very well be on the hook for a civil lawsuit.

No matter the size of your company, it’s important to train your employees on the importance of online safety. Cybergate IT also provides vulnerability assessments to determine how your organization matches up against cyber-crime, and where best to prioritize security measures.

How To Keep Your Company Safe Online

There are many different measures you can instill to protect your company and employees from cyber-attacks.

  1. Educate Your Employees – All levels within the organization should understand the importance of online security. Familiarize them with phishing scams and emails and train them on what to do when they encounter suspicious activity.
  2. Keep Software Updated – Software companies will release updates that increase security measures. If you aren’t updating your software, you may be leaving your organization open to attacks.
  3. Strengthen Password Policies – This can be a companywide policy. A minimum of 8 characters, having a mix of both upper and lowercase letters, numbers and symbols helps to prevent theft. To increase security, change passwords at least once a month.
  4. Contract Cybergate IT – Our Cyber Security Threat Detection Bundle is an essential package that protects companies online. We perform a dark web credential search for your business, network vulnerability test, as well as a cyber security assessment. We also provide onsite consultation after these are performed to discuss results.

Cyber crime is only a headache if you allow it to be. Contact Cybergate IT to talk over security options and plans for your company today!

Complimentary Dark Web Scan (Limited Time Only)

Data breaches are a REAL threat that you should plan for. Do you take this advice seriously?

A lot of Georgia based businesses don’t take this advice seriously, which is alarming since SMBs have a higher susceptibility of being successfully breached in comparison to larger corporations! There is a lack of knowledge and ability to plan for varying attacks, but you can take small steps to mitigate exposure to the threats before they gain access to your network.

Ask yourself these questions:

  • What monetary value is at stake if my business is successfully is hit with a cyber-attack?
  • Could I detrimentally affect the lives of my customers if their information gets into the wrong hands?
  • Would my business go bankrupt because of an attack?
Think about it this way, when it comes to experiencing a data breach, the odds are as high as 1 in 4. Therefore, you must understand the probability of being attacked, how your business could be affected, and which factors can reduce or increase the impact and cost of your data breach.  You have to compare the cost of preventing an attack versus recovering from an attack.  What is the value you put on protecting your network with the most up to date security offerings? Once you have answered the questions above, this answer should be clear as day.

Complimentary Dark Web Search

A good place to start is to see whether your credentials (email and passwords) are on the Dark Web. If you have been compromised, we can assist by completing a Complimentary Dark Web Credential Search. If nothing turns up, you’ll have peace of mind and can take preventative actions. I would like to offer you this Complimentary Dark Web Credential Search. Take the next logical steps to robustly protecting your network!

Complimentary Dark Web Search
($299 Value)

Get started with our Complimentary Dark Web Credential Search

FREQUENTLY ASKED QUESTIONS

WHAT IS THE DARK WEB?

The Dark Web is a hidden universe contained within the “Deep Web”- a sub- layer of the Internet that is hidden from conventional search engines. Search engines like Google, BING and Yahoo only search .04% of the indexed or “surface” Internet. The other 99.96% of the Web consists of databases, private academic and government networks, and the Dark Web. The Dark Web is estimated at 550 times larger than the surface Web and growing. Because you can operate anonymously, the Dark Web holds a wealth of stolen data and illegal activity.
HOW DOES DARK WEB ID HELP PROTECT MY ORGANIZATION?
Our service is designed to help both public and private sector organizations detect and mitigate cyber threats that leverage stolen email addresses and passwords. Dark Web ID leverages a combination of human and artificial intelligence that scours botnets, criminal chat rooms, blogs, Websites and bulletin boards, Peer to Peer networks, forums, private networks, and other black- market sites 24/7, 365 days a year to identify stolen credentials and other personally identifiable information (PII).

HOW ARE THE STOLEN OR EXPOSED CREDENTIALS FOUND ON THE DARK WEB?

Dark Web ID focuses on cyber threats that are specific to our clients’ environments. We monitor the Dark Web and the criminal hacker underground for exposure of our clients’ credentials to malicious individuals. We accomplish this by looking specifically for our clients’ top level email domains. When a credential is identified, we harvest it. While we harvest data from typical hacker sites like Pastebin, a lot of our data originates from sites that require credibility or a membership within the hacker community to enter. To that end, we monitor over 500 distinct Internet relay chatroom (IRC) channels, 600,000 private Websites, 600 twitter feeds, and execute 10,000 refined queries daily.

DOES THE IDENTIFICATION OF MY ORGANIZATION’S EXPOSED CREDENTIALS MEAN WE ARE BEING TARGETED BY HACKERS?

While we can’t say definitively that the data we’ve discovered has already been used to exploit your organization, the fact that we are able to identify this data should be very concerning. Organizations should consult their internal or external IT and/or security teams to determine if they have suffered a cyber incident or data breach.