Firewall

Jan

2023

SIEM Solutions for Small and Medium Sized Businesses

Jack talks through SIEM Solutions for small and medium sized businesses, how they are currently impacting the cybersecurity market, and why your business may need one in the near future.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Sep

2022

With the release of iOS 16 Monday, Apple took a significant step forward in killing the password as we know it. The new technology will be known as passkeys and will allow users to log into apps and websites without a password. In the future, supported platforms will allow account creation without creating a username and password. Passkeys will sync across the iCloud Keychain for backup in the event of a lost or broken device.

Passkeys are not proprietary to Apple; they are a part of open standards from the FIDO Alliance that Google, Microsoft, and Apple are using to eliminate the need for traditional passwords.

“Now is the time to adopt them,” Garrett Davidson, an authentication technology engineer at Apple, said in a WWDC talk about passkeys. “With passkeys, not only is the user experience better than with passwords, but entire categories of security — like weak and reused credentials, credential leaks, and phishing — are just not possible anymore.”

The open standard works on the premise of a pair of mathematically related keys. One key is stored on a public server and is not secret. The second key is stored on the user’s device and is confidential. When the website or app gets a request to unlock the user, they send a request to the smartphone or device on file. The smartphone authenticates through face-ID or fingerprint and sends the authentication back to the site without sharing the private key.

Traditional usernames and passwords make the website or app responsible for the lock. Passkeys put the lock in the hands of the user. The result is a technology that’s much more difficult to phish and does not rely on user-created passwords, which are notoriously terrible.

Apple is the first to add the technology to smartphones, but Microsoft uses passwordless login with their authenticator app and Windows Hello. Android announced passkey technology would be available to developers by the end of the year. Read more on our blog post A Future Without Passwords.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Jun

2022

How War Impacts Cyber Insurance

Businesses are turning to cyber insurance as ransomware and other cyberattacks continue to increase. Cyber insurance policies typically will help a compromised business contact customers in accordance with state laws, recover data, and repair damaged computers. However, the increase in costly ransomware has forced insurance companies to make policies more difficult to get approved.

A court decision earlier this year on an insurance claim from 2017 is raising questions about what cyber insurance looks like during times of war. A malware attack on Ukraine in 2017 quickly spread and destroyed data from thousands of companies around the world. The pharmaceutical company Merck was one of the businesses impacted by the malware which destroyed data on 40,000 of their computers. Merck estimated the cost of new equipment, personnel, and production downtime was $1.4 billion and submitted a claim against their insurance policy. The insurance company denied the claim citing the malware originally was an attack on Ukraine from Russia and was, therefore, an act of war. Most insurance policies have an “act of war” exclusion clause. The case spent three years in court and was finally decided in Merck’s favor.

Today we have a conflict between Russia and Ukraine where cybercrime is a large concern. Cyber insurance companies have had five years since this incident to understand the risk of the current climate and write policies appropriate for the risk. Attribution is another factor when a company tries to make a claim on an insurance policy. The origin of a cyberattack is purposefully difficult to attribute. With a conflict going on where cyberattacks have been part of the conflict, an “act of war” exclusion could play a large part in an insurance claim today.

There are many factors to consider when shopping for cyber insurance. Click here for our latest cyber insurance update video where we discuss more factors for a business owner to consider when selecting a policy. It’s important to understand what is covered in a policy, and even more importantly, what is not covered. Also, cyber insurance should be used as a last resort. Protecting your data with quality best practices is the best way to reduce risk.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Jun

2022

CISA Outlines Three Critical IT Failures

The deputy associate director at the Cybersecurity and Infrastructure Security Agency (CISA), Donald Benack, gave a presentation along with Joshua Corman at the RSA convention last week where they outlined three critical cybersecurity failures, they are seeing exploited in the wild.

The pair called out the healthcare industry specifically as a sector with limited IT knowledge and skill focused on security. The nature of patient records, personally identifiable information (PII) including SSN, and financial information, make the healthcare sector a particularly desirable target for ransomware and phishing attacks. These factors are paired with limited budgets or a lack of cybersecurity priority in the sector.

The presentation was titled, “Bad Practices” to highlight a contradiction to ‘best practices.’ “The uncomfortable truth is that we can’t just say do best practices,” Corman said.

Benack outlined three “terrible tactics” in an attempt to change the language of cybersecurity. If ‘best practices’ are too much for some businesses, CISA is thinking about other ways they can have a positive influence on cybersecurity.

The three terrible tactics:

Use of unsupported or stop-of-existence software program

A business should not use unsupported or end-of-life software. When software is not being patched and updated consistently, it becomes an easy target for attack. Hackers follow end-of-life software, find vulnerabilities, and then search the web for systems using the easily hacked software.

Use of recognized/preset/default credentials

Many industry-specific hardware comes with default credentials for easy setup. If the credentials are not changed, the devices can be easily accessed remotely. Some credentials are so easy to find, they are printed in the product manual. Hackers can use the credentials and search the web for devices still using the default credentials.

Use of single-variable authentication for remote or administrative access

Remote and admin privileges are the most sensitive login credentials. No user should use admin privileges as their normal login. Additionally, this higher-level access should never use only a password, they should always have some form of multi-factor authentication (MFA).

“All of these procedures are not dependent on theory, they are dependent on evaluation of all the incident experiences and accessibility to info CISA has all-around what’s being exploited in the wild,” Benack stated.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Firewall

Search Quanexus.com

White Paper: Corporate Account Takeovers, Business Email Compromise and Ransomware

What Our Clients Think

Contact Us