email

But I’m Too Small?

It is hard to believe, but there is a myth still shared by many small businesses and individuals.  The myth is “I’m too small for anyone to attack my business.”  This myth is far from reality.  A review of the target distribution data provided by hackmageddon.com shows that for 2019, the number one group being attacked is the individual (27%) and the number two group is multiple industries (14.3%), which is the small business group.

31% of all the cyber-attacks are designed for the individual and small business.  There is a logical reason for this.  Big business is taking cybersecurity seriously.  They have made it difficult for the criminals to break into their systems.  Criminals typically don’t want to work hard.  They have developed easily deployable tools to find those organizations that believe they are too small to be attacked (I call them “the low hanging fruit”).  At minimum, even if you don’t think you have anything worth stealing, your data has value to you.  Imagine not being able to access the data on your computer system.  That is the goal of ransomware, which continues to be one of the greatest threats to most organizations.  The reason for the steady increase in ransomware attacks is because it is an extremely successful tool to exploit money from their victims.

Implementing the best security tools won’t guarantee you will not experience some type of a cyber-event, but ignoring the facts and doing nothing, guarantees you are more likely to experience a bad day.

There is a minimum number of things that every business should implement that will minimize the threat of a cyber-attack such as ransomware.  The cost of these security tools has continued to drop and is now affordable for most small and medium sized businesses.  Quanexus has developed our Q-Stack which is a layered security approach to protect against cyber-threats.

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Jack Gerbs in Cybersecurity, Information Security, Physical Security, Recent Posts, Small Business, Wireless

Layered Security with Q-Stack

Our CEO, Jack walks through the layered security steps Quanexus uses to protect your data.

 

Posted by Jack Gerbs in Cybersecurity, Information Security, Physical Security, Recent Posts, Small Business, Wireless

New Phishing Campaign Using Microsoft’s Azure Blob Storage

Two, new email phishing campaigns have been identified with a unique twist.  The first is an email, notifying users of Office 365 that their account is out of date, and the information associated with the account needs to be updated.  This phishing email also threatens users that their subscription will be terminated unless they log in and update their account.

The second phishing email appeared to come from the business-oriented side of Facebook, called Workplace, and tried to trick users into clicking a “View More Posts” link.  Strangely, this link also went to a fake Office 365 login page instead of a fake Facebook page.

The twist on this phishing campaign that makes it stand out from others, is it used Microsoft’s Azure Blob Storage to host the campaign.  This extra creative step gave the attackers two advantages over what we normally tell users to look for, when they are inspecting suspicious emails.  Using Azure Blob Storage adds legitimacy to the phishing campaign because content hosted on the Microsoft service are given a windows.net URL.  To even discerning users, this windows.net address makes the content look as if it is actually coming from Microsoft.  The second advantage this service gave the attackers is that URLs hosted on Azure Blob Storage are given a wildcard SSL certificate.  This means the site had the familiar lock icon next to the URL that we associate with secure web pages.

What Can You and Your Business Do to Avoid These Advanced Traps?

Your users are still your biggest asset in avoiding these scams.  Continued education and reminders about what they should and should not be clicking on, need to be an ongoing process.  Even with these advanced tactics, there are still red flags in this campaign that should have stopped you from clicking.  In the first email, there was a threatening tone that your subscription will be terminated unless you click.  These phishing campaigns are written to create urgency and play on emotions.  The second email was seemingly for a Facebook Workplace page, but then landed users on an Office 365 page.  This is the level of attention needed to navigate these phishing campaigns.

As always, the best advice is to go straight to the source if you question an email.  In this example, instead of clicking the link in the email, type office.com into your web browser, log into your account as you normally would, and see if your account information needs updated.  The same goes for Facebook or Amazon.  If you get a suspicious email, instead of clicking the link, go directly to the site as you normally would, log in, and see if there is an issue.

Educating your users is the best defense against phishing campaigns like these.

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business

What You Need to Know About 5G

There are many benefits that will come from the new 5G infrastructure that is being created today. Initially, we will see Internet speeds increased by a factor of 100x. Speed is one thing, but low latency is just as important. Today’s 4G has relatively high latency, which makes watching HD media a challenge. With low latency, HD streaming video will become a reality. Other benefits of 5G are:

  • It will greatly enhance the ability of self-driving cars
  • Municipality traffic control
  • IoT device enhancement of sensors
  • Assist with the increase of farm yields
  • Medical procedures and remote surgery

With the new millimeter band spectrum, we will see small 5G cell sites densely distributed throughout the country. As 5G rolls out, the ability to connect with many IoT devices/sensors will provide invaluable information to increase the efficiency of everything. A few examples of industries that will quickly take advantage of this new technology are: medical, agricultural, and automotive/traffic control. Imagine having sensors in the field to monitor crop yields and check the health and status of livestock. In the medical field, 5G will increase the ability for augmented technology to assist with complicated surgeries. In the automotive world, autonomous cars will be better able to communicate with each other and will be one of the major technologies used to prevent collisions. Cities will be able to control traffic patterns based on real time information transmitted from vehicles. The possibilities are endless.

Back in the days of 2G and early 3G, the definition of what these terms meant were not as clearly defined as they are today. All the major telecommunication standards organizations got together and created the 3rd Generation Partnership Project (3GPP). This group defined the 3G standard and would define the specifications of future G technology. The difference in technology between 2G, 3G, and 4G is based on modulation techniques. Using different modulation techniques, we were able to transmit more data in the same spectrum space. Moving to 5G is a major technological paradigm shift from 4G. Basically, 5G is a list of approved/agreed specifications, standards and protocols. Depending on the infrastructure where the small cell sites are installed, power lines or fiber can be used to back haul the data.

The 5G standard includes many technologies, which offers the cell carriers options for implementation. The long-term implementation goal that most carriers will implement, includes small cell sites that have coverage ranges of 200 yards. These small cell sites will connect directly to cell phones or IoT devices. The small cell sites will back haul (connect) wirelessly to a data center for distribution.

3GPP has defined what the specific technologies that are 5G and what is not 5G. A few years ago, several of the big companies put up enhanced 4G services that they were marketing as 5G-like service, but the services they were selling were not real 5G as defined by the standard.

While the promise of 5G looks good and the major carriers are all set to start rolling out the technology, there are still some very big technological issues that need to be worked out. Many initial 5G roll-outs will be based on 5G FR1 (frequency range 1), with a migration plan to move to 5G NR (new radio, frequency range 2). It is estimated that it will be another year before some advanced features of 5G will be rolled out. There are some industry experts that are questioning the economics of 5G and are concerned whether 5G will be a profitable model for the carriers.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Jack Gerbs in Wireless