Ransomware

Water System Attack

Water System AttackA recent cybersecurity incident highlighted vulnerabilities in critical infrastructure in the United States. A municipal water center in Pennsylvania was targeted by an Iranian threat actor known as CyberAv3nger. The attack exploited internet-connected programmable logic controllers (PLCs) and defaced the unit’s screen with a message expressing anti-Israel sentiments. The hacker group appears to be targeting equipment made in Israel. The water company took the unit offline and switched to manual operations, but the compromise was a wake-up call for critical infrastructure with questionable security practices.

The attackers were able to take control of the PLC with the manufacturer’s default password, showing that the controller unit was public-facing on the internet and easy to access. The hackers could easily search the internet for this controller and keep trying them until they found one where the password was not changed from the default. Water utilities are chronically underfunded, so they often don’t have room in the operating budget for cybersecurity employees. Water utilities were supposed to be added to the list of other public utilities inspected for cybersecurity defenses by the EPA, but the government was forced to abandon the new law after lawsuits from attorneys general of Arkansas, Iowa, and Missouri. This new attack is likely to bring EPA inspection back to the forefront.

On December 1st, the FBI, NSA, and EPA released an alert highlighting the malicious cyber activity of CyberAv3ngers and other similar groups. The alert warned of attacks in energy, food and beverage, manufacturing, and healthcare sectors. Cybersecurity specialists have focused on the internet-facing part of the attack. Many of these controller devices do not need to be on the internet to perform their function. We are so used to connecting all devices to the internet, but in an industrial setting, it opens controllers and the business network up to attack.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business

Why are SMBs Targeted More

Why are SMBs Targeted MoreDuring 2023, we saw ransomware groups continue to shift their focus from large enterprises to small and medium-sized businesses (SMBs). New data attaches numbers to this trend and shows that businesses that employ up to 200 employees were the category most often attacked in the first half of 2023.

SMBs inherently face cybersecurity vulnerabilities that are non-factors for large corporations. SMBs have a smaller budget, resulting in fewer security resources than large businesses. Resource scarcity often results in missing security maintenance like password management, multi-factor authentication (MFA), patching, and updating systems and software.

The human element is a more significant threat at the SMB level as well. With less system security, employees are more susceptible to attacks from ransomware groups. SMB employees don’t have the level of security awareness training corporations provide. Also, many SMBs still think they are too small to be attacked and don’t prioritize cybersecurity on the job. SMB employees face the double exposure of not receiving security training and being more open to attack through out-of-date systems. One can see how the vulnerabilities quickly multiply against SMBs.

The threat landscape is also expanding. An estimated 29 new ransomware groups emerged in 2023, along with ransomware-as-a-service (RaaS). RaaS allows individuals with no technological background to hire a ransomware group to attack a chosen target easily. Attacks are usually financially motivated, but some groups target SMBs for data like healthcare and financial institutions.

The shift to SMBs is two-fold. Smaller businesses usually have worse security, and SMBs are more likely to pay to recover their data. The payments are smaller, but criminals are learning that multiple businesses that are more likely to pay yield a greater result than corporations that may be able to recover from a backup.

The data continues to show a trend of ransomware groups moving to target small and medium-sized businesses. Many businesses in this position are turning to managed service providers (MSPs) like Skynet Innovations to stay up-to-date on cybersecurity practices so they don’t have to. Reach out today if you have questions about how your business could utilize a managed service provider.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business

Data Protection

Data ProtectionProprietary business data and customer data are often the target of modern phishing and ransomware attacks. Criminals seek to steal, encrypt, exploit, and sell your company data. In a ransomware attack, the encryption of this data stops your employees from doing work, losing money for your business. So, it should go without saying that data encryption falls high on the priority of cybersecurity for small businesses, but for many, it does not. Today, we will review some basic data protection methods to consider for your small business network.

Classification and Encryption
First, Business data must be classified so the critical data can be segmented and encrypted. Critical data is deemed essential for the business’s success, including customer information, financial data, intellectual property, employee data, and operational data. The data identified as critical should also utilize encryption and Data Loss Prevention (DLP) tools. DLP tools can help protect, monitor, mask, and alert administrators if the data is moved or breaks policy rules.

Segmentation and Access
One of the first steps small businesses can take is limiting data access. As a business grows, sometimes every employee can access customer, employee, and operations data. If a criminal is able to access the business network through an employee login, they have access to all of the data the business uses to operate.

All employees should only have access to the data they need to perform their jobs. Limited access is essential for the critical data highlighted above but should be used for all data to reduce the amount of business data a single employee can access. Additionally, administrative privileges should be limited, and only used to make admin-level changes. No employees should do their daily work under an administrative login.

Even though data is often the target of a cyberattack, it’s not always the first step small businesses consider when implementing security. Some simple high-level practices can make your business data more secure and limit the impact of an attack.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Small Business

Holiday Shopping Cybersecurity

Holiday Shopping CybersecurityThe upcoming long weekend is the start of holiday shopping for many consumers, with Black Friday and Cyber Monday sales from many retailers. Studies show consumers got comfortable with online shopping in greater numbers during the pandemic and have not returned to in-person shopping in the numbers seen before 2019. However, online shopping-related scams grew to 22% during the same time last year when victimized shoppers lost an average of $1200 each to scam websites. Online criminals are opportunists, so that number is expected to grow this year as consumers continue to look for holiday deals online. Hackers can also use the vulnerabilities of consumers to pivot onto business networks, especially since many employees are at work during Cyber Monday.

Employees should understand the possible online threats of this shopping season, and employers should have clear policies outlining internet use on company devices. Below are three tips to help you and your employees stay safer this shopping season:

Emails and Promotions
Employees should have a heightened awareness of promotional emails this time of year. Criminals will use spoof emails with the same graphics and text as reputable emails, but the links will lead to nefarious sites or requests. Look out for suspicious URLs, suspicious email senders, and requests for personal information. When searching for deals online, use trusted retailers and be wary of deals that are too good to be true. Criminals develop websites that appear in Google shopping results that look like fantastic deals, but the products never arrive.

Secure Payment Methods
When shopping online, use credit cards and online payment methods with robust consumer protection. Using debit cards online is ill-advised because it is a direct link to a bank account.

Hardware and Software Updates
Hardware and software manufacturers are hard at work patching against the latest security threats found in the wild this time of year. Be sure to keep devices and software like browsers up to date all year around, but especially during the holiday buying season.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business