Ransomware Shut Down US Pipeline

One of the nation’s largest pipeline operators was forced to shut down their network Friday following a ransomware attack. In what is being called the worst cyberattack on critical US infrastructure in history, Colonial Pipeline shut down their 5,500 miles of pipeline to contain the breach. The Georgia based company transports more than 100 million gallons of fuel per day including gasoline, diesel, jet fuel, and home heating oil. Oil analysts say the shutdown could affect gas prices if it goes on for more than a few days. The immediate concern is the supply of jet fuel to large airports like Atlanta and Charlotte. Colonial Pipeline moves 45% of the fuel from the Gulf Coast of Texas to customers in the southern and eastern United States.

The attack has been confirmed by the FBI to originate from a group of cybercriminals known as DarkSide. They are a new and particularly cruel criminal gang who admit to targeting hospitals, schools, universities, nonprofit organizations, and government infrastructure. The group reportedly stole and encrypted 100 gigabytes of data from Colonial Pipeline they are threatening to leak if the ransom is not paid.

Eric Goldstein, executive assistant director of the cybersecurity division at CISA said, “This underscores the threat that ransomware poses to organizations regardless of size or sector. We encourage every organization to take action to strengthen their cybersecurity posture to reduce their exposure to these types of threats.”

These high profile attacks continue to keep IT security in the news and at the forefront of business owners’ minds. The SolarWinds breach was an illustration of the capability and scope of a nation state attack. At the same time we see ransomware attacks on small businesses or city governments who often don’t have the budget for IT infrastructure. Ransomware payments peaked in Q3 of last year with an average payout of over $225,000 per incident. Criminals understand many small businesses don’t have the resources to defend against these attacks and have no choice but to pay the ransom.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Recent Posts

Dangers of IoT Devices

Today on the Podcast Jack and Chuck discuss ‘Internet of Things’ devices, and how these convenience gadgets can open up our home or business to cyber threats.

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Cybersecurity, Information Security, Physical Security, Small Business

Current Phishing Threats

Criminals use phishing as an entry point to install malware, gain access to login credentials, or collect personal information. Hackers follow current events and prey on the emotions of their targets to drive up click rates. The Federal Trade Commission is still warning of fraud campaigns related to COVID-19. The scams are being reported in many forms, including phishing emails and texts, robocalls, and fake social media posts. The COVID scams have shifted from cures to requests for money to get to the front of the vaccine wait list. The FBI is also warning of fake COVID antibody test scams that seek to harvest personal information from their victims.

SMS Phishing, or Smishing, continues to grow in popularity among criminals. Smishing events were up over 300% at the end of 2020, and we look for those numbers to continue to increase this year. Criminals are turning to phishing via text message because most consumers trust their text messages. We have become used to receiving two-factor authentication text messages for our banks and access to health care systems. Text messages are not typically questioned before consumers click on a link. Criminals are using this trust to their advantage. Smishing campaigns run the gamut from tax rebates, bank activity, package delivery, and Amazon. Remember, a phishing campaign usually tries to generate fear so the victim will click the link. If the message creates a sense of urgency or it is not something you would normally expect, chances are it is fake.

Tax scams are also on the rise this year. The IRS pushed Tax Day back again this year, and many states are catching up to changing last minute federal laws. The tax scams we are seeing are phone and email phishing based. Be aware of the service you are signing into to file your taxes and use multi-factor authentication if it is an option for your tax service provider. Instead of clicking a link in an email, navigate directly to the site by typing in the site address (URL).

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright in Recent Posts

Dark Patterns

Dark patterns are design choices that trick users into taking an unintended action or preventing them from taking an action. Examples are, tricking a user to subscribe to a service, and then making it difficult for them to unsubscribe by hiding the unsubscribe button. UX (user experience) designers are trained to think about how people interact with technology. Unfortunately, this knowledge can also be used to deceive users. They are using human psychology to their advantage hoping users will get frustrated and give up or click the wrong option accidentally.

There are many forms of dark patterns. Harry Brignull started the website darkpatterns.org in 2010 to identify and highlight the most egregious offenders. The three most common are the Misdirection, Confirmshaming, and the Roach Motel.

Misdirection is when a website establishes a pattern and then exploits that pattern. An example would be as a user is filling out a form, then clicks a green button to go to the next step, green button, next step, green button, next step. Then at the end of the process, the option to opt into a $10/month service is a green button, and the option to continue without the monthly service fee is black text on a white background. Misdirection also occurs if an option for “yes” is highlighted in red, or an option for “no” is highlighted in green. These design decisions are made to confuse the user and make them click what the business wants them to click.

Confirmshaming is a tactic to guilt users into agreeing to a service or signing up for an email list. These are often found on shopping websites where the language will say, “Sign up for mailing list” and the alternative is “No, I want to pay full price.” In some cases, the pop up creates more urgency with added “One time offer” language.

 

The Roach Motel is familiar to many users. This dark pattern centers around the idea it is easy to get in, but difficult to get out. Have you ever had to Google how to unsubscribe from a service? A Roach Motel purposefully hides the cancel option, and possibly makes users go through multiple confusing confirmations to finally cancel the service. Amazon is famous for how difficult it is to cancel an account. Darkpatterns.org has a great video on all the steps a user has to navigate to cancel an Amazon account, and then at the end of the process the user has to chat with an Amazon specialist because the user actually cannot cancel the membership on their own. Amazon must cancel the membership.

Dark patterns take advantage of psychology and short attention spans. Users get frustrated and give up trying to cancel that monthly membership or email blast. However, with some education and the occasional search engine dive, users can navigate this world of purposefully bad UX design.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

 

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business, Virtualization