Small Business

Smishing Threat to Business Owners

Smishing ThreatPhishing using text message, or smishing (SMS phishing), saw a huge increase over the first half of the year. The increase is attributed to many people shopping from home in 2020, and companies using text messages for confirmation and to communicate with their customers. Smishing messages normally appear to come from banks, Amazon, mobile phone providers, or government agencies. Criminals use stories in the news to form their tactics like fake messages related to COVID contact tracing or messages from the government about tax returns.

Criminals are getting smarter and targeting smishing campaigns now include using the target’s real first name, and phone or bank service they actually use. With so many data breaches recently, criminals are finding it easier to get their hands on more information about an individual and target them in a convincing way. Smishing numbers are up 300% in the US and 700% in the UK.

Corporate IT leaders are concerned about the implications of the increase in attacks on employee smartphones. As an industry, we’ve gotten very good at protecting computers on the business network, but many employees are working from home on consumer-grade networks and using personal and corporate smartphones on a variety of unsafe networks. Hackers targeting employees for business credentials with smishing is the logical next step in these attacks.

Steps to avoid becoming a victim

As with many of these threats, educating your employees is the first step. The messages almost always have a link to click on that’s trying to steal login or personal information. Employees should know never to click on links in a text message or email and provide any kind of information. The text messages are designed to create urgency. They may say an account has a negative balance, or you just won a prize for paying your cell phone bill on time. The second step is to make sure the education sticks. Use an external IT company like Quanexus to test security awareness. Employees need to be able to recognize a suspicious message in the wild.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business

Largest DDoS Attack on Record

DDoS AttackYandex, the Russian version of Google, was hit with the largest DDoS attack in the history of the Internet. This attack followed a different attack in August that at the time was three times larger than the largest on record. A distributed denial-of-service (DDoS) attack occurs when a criminal uses compromised computers or other IoT devices to bombard a server, service, or network with requests. It’s a purposeful traffic jam to take down a targeted website. The network of compromised devices being weaponized is called a botnet.

In August, Cloudflare said they stopped a DDoS attack against a financial institution. That attack peaked at 17.2 million requests-per-second and was the largest until this recent attack on Yandex. The more recent Yandex attack peaked at 21.8 million requests-per-second, so the strength of the botnet is growing. Both attacks are attributed to a hacker group called Meris.

The botnet is made up of unsecured routers manufactured by a single company. The hacker group found a way into routers and are using them to overload the website of their choosing. Criminals are able to create these botnets because companies sell cheap, unsecure devices that consumers buy and put on the internet. These devices are usually much cheaper than their secure competitor.

The company who makes the routers say they have fixed the firmware, but the majority of routers online are using an earlier version of the firmware that’s still vulnerable.

“The biggest contributor to the IoT botnet problem — a plethora of companies white-labeling IoT devices that were never designed with security in mind and are often shipped to the customer in default-insecure states — hasn’t changed much, mainly because these devices tend to be far cheaper than more secure alternatives.” Krebs on Security

The devices you have connected to your home and business network matter. Devices should be patched and updated often because when issues are found, they are repaired. If your device is working on a three-year-old version of the firmware, you’re opening up your network to vulnerabilities. Additionally, quality devices make a difference. These IoT devices are security cameras or baby monitors, but they can also be industrial sensors or manufacturing devices. Any device connected to the Internet is susceptible.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business, Virtualization

Why Hackers Don’t Take a Holiday

Why Hackers Dont Take a HolidayThe FBI released a warning before Labor Day citing a hacking pattern over long or holiday weekends. This year the meat processing company JBS was attacked on Friday heading into Memorial Day weekend. The Kaseya attack occurred on the Friday before the long Fourth of July weekend. The Colonial Pipeline attack took place over Mother’s Day weekend, a time many employees would have been more likely offline. We are still waiting to hear if any attacks occurred over this past weekend, but it’s clear hackers find holidays useful.

In general, ransomware attackers like weekends; they want the most amount of time inside a network to look around as possible. Attackers are also interested in the least amount of oversight, and if they are discovered, the least number of staff to deal with the issue. A long weekend, when many employees might also take off on Friday, is prime time to move around the network and encrypt files. Ransomware reports tend to spike on Monday when victims return to work to find their data encrypted.

Unfortunately, staying secure from hacking is not a matter of somehow locking down systems on Friday, and starting them back up Monday, holiday or not. Attackers typically have already gained access to the system, but they wait for the weekend to move around or encrypt files. The FBI used this past weekend to draw attention to the increase in attacks and to give business owners another opportunity to think about their cybersecurity standing. The recommendations in the report were not quick solutions, but the practices and procedures we talk about on this blog continually:

“Don’t click on suspicious links. Make an offline backup of your data. Use strong passwords. Make sure your software is up to date. Use two-factor authentication.”

Understanding the way hackers work, and the patterns emerging from this year of increased attacks is another step in keeping your business and customer data safe.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business, Virtualization

Five Cybersecurity Statistics

five cybersecurity statistics77% of organizations saw more or the same number of cyberattacks over the past year.

Business owners recognize the new cybersecurity threat landscape. Criminals are targeting businesses in countries with more developed economies at a greater rate. The US and Canada are at the top of the list at 53%, with enterprise and midsized businesses being the most likely targeted at 50%.

15% of organizations shut down their business because of a cyberattack.

Businesses are feeling the impact of the large increase in attacks over the past couple years. Organizations cited employee downtime as the largest financial repercussions after an attack. Reputation damage, and theft of intellectual property were also on the list, but one in seven businesses reported they had to close their doors completely after an attack.

62% of organizations anticipate a ransomware attack in the next 12 months.

Ransomware is at the top of every list because criminals follow the money. Many businesses have no choice but to pay ransoms, which keeps the cycle of attacks high. Identity theft anticipation is a close second at 60%.

70% of organizations plan to increase their cybersecurity budget this year.

Businesses in all sectors are seeing the need to increase cybersecurity. Companies in financial services, transportation, and technology are at the top of the list for increased security. CEOs are realizing the minimum is no longer acceptable to protect the assets their business runs on.

58% of organizations believe they will face an insider security threat over the next year.

Increases in cybercrime will give employees the opportunity to initiate a breach both through misconduct and intentional theft. The move of many businesses to work remotely only increases this risk. Businesses have less control over their data than they did 18 months ago. The increase of cybercrime combined with remote data opens the door for abuse.

Business owners are being forced to take cybersecurity seriously. The solutions to the cybersecurity threat landscape change daily. If you are looking for a security approach that fits a need as well as a budget, reach out and see if we would be a good candidate.

Source: IDG Research Services; CSO Online

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business, Wireless