Cyber security

12
Dec
2023

Water System Attack

Water System AttackA recent cybersecurity incident highlighted vulnerabilities in critical infrastructure in the United States. A municipal water center in Pennsylvania was targeted by an Iranian threat actor known as CyberAv3nger. The attack exploited internet-connected programmable logic controllers (PLCs) and defaced the unit’s screen with a message expressing anti-Israel sentiments. The hacker group appears to be targeting equipment made in Israel. The water company took the unit offline and switched to manual operations, but the compromise was a wake-up call for critical infrastructure with questionable security practices.

The attackers were able to take control of the PLC with the manufacturer’s default password, showing that the controller unit was public-facing on the internet and easy to access. The hackers could easily search the internet for this controller and keep trying them until they found one where the password was not changed from the default. Water utilities are chronically underfunded, so they often don’t have room in the operating budget for cybersecurity employees. Water utilities were supposed to be added to the list of other public utilities inspected for cybersecurity defenses by the EPA, but the government was forced to abandon the new law after lawsuits from attorneys general of Arkansas, Iowa, and Missouri. This new attack is likely to bring EPA inspection back to the forefront.

On December 1st, the FBI, NSA, and EPA released an alert highlighting the malicious cyber activity of CyberAv3ngers and other similar groups. The alert warned of attacks in energy, food and beverage, manufacturing, and healthcare sectors. Cybersecurity specialists have focused on the internet-facing part of the attack. Many of these controller devices do not need to be on the internet to perform their function. We are so used to connecting all devices to the internet, but in an industrial setting, it opens controllers and the business network up to attack.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business
28
Nov
2023

Data Protection

Data ProtectionProprietary business data and customer data are often the target of modern phishing and ransomware attacks. Criminals seek to steal, encrypt, exploit, and sell your company data. In a ransomware attack, the encryption of this data stops your employees from doing work, losing money for your business. So, it should go without saying that data encryption falls high on the priority of cybersecurity for small businesses, but for many, it does not. Today, we will review some basic data protection methods to consider for your small business network.

Classification and Encryption
First, Business data must be classified so the critical data can be segmented and encrypted. Critical data is deemed essential for the business’s success, including customer information, financial data, intellectual property, employee data, and operational data. The data identified as critical should also utilize encryption and Data Loss Prevention (DLP) tools. DLP tools can help protect, monitor, mask, and alert administrators if the data is moved or breaks policy rules.

Segmentation and Access
One of the first steps small businesses can take is limiting data access. As a business grows, sometimes every employee can access customer, employee, and operations data. If a criminal is able to access the business network through an employee login, they have access to all of the data the business uses to operate.

All employees should only have access to the data they need to perform their jobs. Limited access is essential for the critical data highlighted above but should be used for all data to reduce the amount of business data a single employee can access. Additionally, administrative privileges should be limited, and only used to make admin-level changes. No employees should do their daily work under an administrative login.

Even though data is often the target of a cyberattack, it’s not always the first step small businesses consider when implementing security. Some simple high-level practices can make your business data more secure and limit the impact of an attack.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business
21
Nov
2023

Holiday Shopping Cybersecurity

Holiday Shopping CybersecurityThe upcoming long weekend is the start of holiday shopping for many consumers, with Black Friday and Cyber Monday sales from many retailers. Studies show consumers got comfortable with online shopping in greater numbers during the pandemic and have not returned to in-person shopping in the numbers seen before 2019. However, online shopping-related scams grew to 22% during the same time last year when victimized shoppers lost an average of $1200 each to scam websites. Online criminals are opportunists, so that number is expected to grow this year as consumers continue to look for holiday deals online. Hackers can also use the vulnerabilities of consumers to pivot onto business networks, especially since many employees are at work during Cyber Monday.

Employees should understand the possible online threats of this shopping season, and employers should have clear policies outlining internet use on company devices. Below are three tips to help you and your employees stay safer this shopping season:

Emails and Promotions
Employees should have a heightened awareness of promotional emails this time of year. Criminals will use spoof emails with the same graphics and text as reputable emails, but the links will lead to nefarious sites or requests. Look out for suspicious URLs, suspicious email senders, and requests for personal information. When searching for deals online, use trusted retailers and be wary of deals that are too good to be true. Criminals develop websites that appear in Google shopping results that look like fantastic deals, but the products never arrive.

Secure Payment Methods
When shopping online, use credit cards and online payment methods with robust consumer protection. Using debit cards online is ill-advised because it is a direct link to a bank account.

Hardware and Software Updates
Hardware and software manufacturers are hard at work patching against the latest security threats found in the wild this time of year. Be sure to keep devices and software like browsers up to date all year around, but especially during the holiday buying season.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business
14
Nov
2023

QR Code Phishing

QR Code PhishingCybercriminals continue to change their tactics to adapt to new technology. Today, on the blog, we cover a new phishing tactic gaining popularity in the wild: QR code phishing, also known as quishing.

QR codes have become a common way to transfer data in restaurants, mass transit, commercials, advertisements, and even product packaging. Additionally, QR codes can store more than just URL links. A QR code can store everything from plain text to contact data, geolocation, and download links to the Apple App Store or Google Play store.

Recent analyses have unveiled a 51% increase in quishing incidents in September 2023. The primary tactic involves manipulating Microsoft’s two-factor authentication (2FA), constituting 56% of attacks. Cybercriminals coax victims into providing their Microsoft email addresses and passwords and then use those login credentials for future attacks. Online banking pages are also exploited in 18% of quishing incidents, exposing unsuspecting targets to the risk of divulging personal banking credentials.

How can you and your employees avoid quishing attacks? First, only scan QR codes from verified sources. Criminals are using everything from physical stickers covering existing QR codes to scannable codes in emails to steal data. Second, don’t provide login credentials through QR code links. Like most phishing attempts, quishing is the first round of attacks attempting to steal data for more advanced attacks like ransomware.

Lastly, don’t scan QR codes in emails. QR codes in emails, PDFs, or JPGs attached to emails are a common attack vector of this new phishing trend. Placing a QR code in an email is odd because users are likely viewing the email on their phones. It’s difficult, but not impossible, to scan a QR on your mobile screen, but this should be a red flag that the QR code may not be trustworthy. Businesses should also understand this trend when sending business emails. Using a QR code on your website or in an email is generally bad practice. It’s difficult for most users to figure out how to scan the code, and with this new trend gaining popularity, it’s also suspicious.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business