MSPNetworks Blog

You’ve probably already heard about Log4j this week. Maybe you don’t recognize the name, but it’s likely that you have run across emails or news articles talking about this widespread vulnerability. You need to take it very seriously.

What is Log4j?

When developing software, developers utilize different programming languages. One of these languages is called Java, and in Java, developers have multiple libraries to work with. Log4j is one of those libraries, and it has recently been uncovered that there is a huge vulnerability that cybercriminals can exploit to gain access to your systems and data. It’s a huge open door that has been there for years, and now that the world knows about it, it is just a matter of time before it is being used to do damage.

This particular Java library has been used a lot over the years. The vulnerability impacts some pretty big names in software and cloud hosting, such as:

• Amazon
• Apple
• Cisco
• Fortinet
• Google
• IBM
• Microsoft
• SonicWall
• Sophos
• VMware

…as well as others, large and small. Even the United States’ Cybersecurity and Infrastructure Security Agency (CISA) is affected.

Is My Business Impacted by Log4j?

It’s almost certain that it is. We can’t stress enough that this is a big issue, and that major tech companies are scrambling to put out patches. It doesn’t just affect the folks at Amazon and Microsoft, it affects those that use their products as well.

What You Can Do to Fight Back Against Log4j

One of the scary things about this vulnerability is that most businesses are at the mercy of their vendors to patch it, and some experts think it will take years before this vulnerability is totally removed from the world. Fortunately, as we mentioned earlier, the big names in tech are scrambling to get a patch out the door, and many, if not most, already have.

However, it also falls on the impacted webmasters and businesses to apply the patches that these developers put out. Beyond that, it is critical that you as an individual remain vigilant in your cybersecurity hygiene. That goes double for your business.

For example, let’s assume for a moment that you’re a user on a fantasy football league website. If that website relies on technology that Log4j impacts and they don’t apply the fixes, the information you’ve provided to the website—account details, financial information, and whatever else—would be vulnerable and easy to steal.

This applies to every website or application that uses this technology; if they don't react, your account with them is not very safe. 

The problem is, as a user, you can’t really tell if a website or piece of software is using this particular Java library. In other words:

Everything just potentially got a little more dangerous, when it comes to cybersecurity. It’s up to everyone to work harder to protect themselves.

How to Protect Yourself from Log4j, as an Individual and a Business

It’s critical to use strong password hygiene. “Password123” isn’t going to cut it. Using the same passwords across multiple accounts needs to stop, immediately. This involves following the basic password best practices that we always talk about, like:

• Using a unique password for each account and website
• Using a mix of alphanumeric characters and symbols
• Using a sufficiently complex passcode to help with memorability without shorting your security
• Keeping passwords to yourself

Audit your IT IMMEDIATELY

All organizations need to bring in a professional to audit all of their technology and update what can be updated to remove the influence of Log4j. Not only will this help protect your business and your employees, it will also protect the interests of your clients and customers. 

We recommend that you give MSPNetworks a call at (516) 403-9001 to schedule an appointment. This is extremely important, and you need a professional set of eyes to audit your IT to make sure you aren’t affected by this awful vulnerability. 

Many, many companies have adopted remote work policies and practices since the COVID-19 pandemic forced most to downsize (if not cease outright) on-site operations about two years ago. Now, as we enter 2022, it seems a good time to reexamine the security that we have protecting our businesses and the workers currently operating remotely.

The Pandemic Has Shown Businesses How Well Remote Work Can Work

Despite the resistance that many initially had to the concept of remote work, it quickly proved to be a blessing for those companies that adopted it. Now, about two years later, its value has continued as it has kept a lot of businesses open and operational to some extent as infection rates have fluctuated. This approach has also proven popular amongst the employees who are participating in remote work efforts. A PwC survey conducted in August revealed that nearly a fifth of these workers would like to be fully remote, even without COVID in the picture.

However, for all the benefits that remote operations have provided to businesses, we need to address the elephant that snuck into the room with them: the cybersecurity challenges that remote work and working from home have introduced.

Unfortunately, Remote Work Can Provide Cybercriminals with Opportunity

Despite all the positive aspects that remote work has to offer a business, we can’t pretend that it doesn’t come with its share of challenges—specifically, in terms of maintaining an acceptable level of cybersecurity.

The reality of it all is that your team members simply aren’t going to have the same protections in their home as you should in the office, which means you need to do all you can to supplement the protections you have in place.

Security Issues Can Come from All Angles

Unfortunately, there are many factors in play that can unpleasantly influence your business’ cybersecurity. Not only may your team members be using their own technology to do their job, they’ll certainly be doing so on a network that you don’t have control over. As a result, this network will almost certainly lack the protections you have on your business.

Furthermore, as they’re working remotely, your team members are going to be on their own. This makes it that much less likely that they’ll be as focused on their security practices as they should be, and more exposed to threats as a result.

So, While Remote Work Can Be Valuable, You Need to Keep It From Making You Vulnerable

It’s obvious that you need to protect your business from any threats it faces…the question is how you can do that. There are a lot of practices and solutions that we recommend a business have its users adopt to help shore up these vulnerabilities. For instance:

• If an employee has no choice but to use a public Wi-Fi connection, make sure they are utilizing a reputable VPN (virtual private network) to secure data while it is being transmitted
• To help prevent employees from transferring data from work devices to private ones, putting together a Bring Your Own Device policy to help establish some control over the device and allowing them remote access to your infrastructure or using the cloud helps to secure your data.
• Password practices need to be upheld just as vigorously as they would be in the office. Not only do they need to be complex enough, they all need to be unique. Multi-factor authentication (MFA) should also be implemented to double-down on the security that accounts are protected by.
• Physical security also needs to be remembered when working remotely. Devices should never be left unattended in a public place, and it is not a bad idea to secure them in the home as an added safety precaution.
• All devices used for work, including the modem and router supplying wireless Internet, need to be kept up-to-date so that they remain secure.
• All remote users should be reminded of the threat that scams and phishing attacks pose, with ongoing training and other awareness-enhancing activities being conducted on a regular basis.

Yes, this is a lot, but it’s all important to do to keep your business secure. We’re here to help businesses do so. Give us a call at (516) 403-9001 to learn more.

Hackers have often used email to trick users into clicking on fraudulent links or to hand over important credentials through phishing scams, but these are usually blocked by an enterprise-level spam blocker. However, hackers have learned that there is indeed a way around these spam blockers, and it’s through popular social media websites.

One of the big reasons why spam blockers are so successful is because it examines the content of the messages you receive and makes a determination about its authenticity. One way that it does so is by looking at links within the email body itself. If the link is legitimate and seems to go to a normal, recognized source, then the message can be considered “legitimate,” even if it is not necessarily safe.

Hackers are now attempting to use social media websites to subvert this weakness in spam blockers; they use the sites as a middle-man of sorts, using the social media website to write a post which includes a suspicious link, then using the social media platform’s sharing capabilities to effectively mask the suspicious link behind that of the social media platform.

This is a particularly crafty approach that should not be taken lightly, and it’s already in use at this present moment. Take, for example, a recent campaign using Facebook as the delivery mechanism for phishing threats. In this scenario, hackers send victims an email message suggesting that they have violated Facebook’s terms of service on their page. When the victim clicks on the link in the email, they are brought to a legitimate Facebook post further detailing the issues that must be addressed. The post prompts the user to click on a phishing link, and the rest is history.

The moral of the story is that you can never trust links in your email inbox from unknown users, even if they appear to be legitimate. Phishing can happen anywhere, especially where you least expect it, like on social media websites and even support forums. If the links look a little too suspicious, then you should wait to take action until you have consulted a security professional like those at MSPNetworks. Our technicians are happy to review the contents of messages and make determinations on their authenticity, particularly for situations like the above one where it’s not clear if the link is legitimate or not.

Now, if you don’t have a spam blocking solution in place, we can help you out with that, too. With a unified threat management tool, you can take full advantage of great security solutions designed to keep you protected from the majority of threats. To learn more, reach out to us at (516) 403-9001.

We often discuss how your business can avoid the impact of ransomware, but what we don’t often discuss is what happens to businesses that do, in fact, suffer from such a devastating attack. We want to use today’s blog as an opportunity to share what your business should (and should not) do in the event of a ransomware attack, as well as measures you can take to avoid suffering from yet another in the future.

First of All, Don’t Panic

If you suddenly get a message from a ransomware attacker claiming that the files on your computer have been locked down, first of all, don’t panic. Ransomware is scary, but there is a chance that the attacker really hasn’t infected your device. Some recent threat actors have been able to make a quick buck with “fake ransomware” attacks, where the threat is so dangerous that they can make money just from the panic these attacks can create.

Also, you absolutely should not pay the ransom without first consulting your trusted IT resource. You don’t know if the situation is out of control just yet, so it’s best to not make any impulsive decisions. Paying the ransom only proves that ransomware is effective and further funds future ransomware attacks against other businesses like yours.

Contact Your Trusted IT Resource

Regardless of the extent of the attack, your business needs to contact its trusted IT resource to accurately gauge its impacts. Depending on how bad it is, you might be able to get away with restoring a data backup to a point before the ransomware attack struck. If the hacker is using double-extortion methods, however, this might not be possible. Either way, you don’t want to take action until you have had a discussion with your IT resource about what to do. There is almost always another option available, so you want to know what these are before you commit to any one in particular.

Implement Proactive Measures for the Future

Obviously you don’t want to suffer from another ransomware attack in the future, so it’s best practice to prevent these types of threats from infecting your infrastructure in the first place. You can do so with comprehensive security measures designed to keep threats out of your systems. Furthermore, we recommend that you implement multi-factor authentication and train your employees to identify threats. Doing so can keep your employees from making silly mistakes due to social engineering attacks, as well as limit user access controls in the event someone does slip up.

MSPNetworks can help you implement any measures needed to keep ransomware at bay, including cybersecurity training for your business’ employees so they are more cognizant of the threat in the future. To learn more, reach out to us at (516) 403-9001.

Artificial intelligence, commonly known as AI, is used in several different ways in various industries, but one of the most impactful has been with cybersecurity and its automation. On the other hand, however, are the hackers who use AI in ways that fly in the face of the efforts of these cybersecurity professionals and use AI for cybercrime. What are some ways that AI is used in cybercrime, and why is it so scary for businesses to handle?

Deepfakes

The term “deepfake” stems from the words “deep learning” and “fake media.” Essentially, a deepfake uses false imaging or audio to create something which appears to be authentic when it really isn’t. Used incorrectly, deepfakes can be incredibly harmful in a variety of ways. Imagine reading something on the Internet and having it be accompanied by a fake video or image that skews your perspective and leads you to believe one thing rather than another. AI-generated deepfakes can (and have) been used in this way, and they can even be used in extortion and misinformation schemes.

Deepfakes use AI to generate realistic videos, typically of a famous person with a lot of source material online to pull from. Videos can be generated of a celebrity or government official doing and saying virtually anything, misguiding the viewer and causing confusion. 

AI-Supported Hacking Attacks

AI can also help cybercriminals when they are going about your average hacking attack, like trying to crack passwords or infiltrate a system. For example, hackers can use machine learning and artificial intelligence to analyze and parse password sets; they then use the information gleaned from these password sets to more accurately guess passwords. These systems can even go so far as to learn how people adjust their passwords over time.

Furthermore, there have been instances of hackers using machine learning to inform and automate their hacking practices. Some systems can use machine learning to identify weak points in a system and penetrate them through those weaker links. The systems used can then autonomously improve their operations for greater effectiveness. It is quite concerning to say the least.

Human Impersonation and Social Engineering

AI can also impersonate human beings themselves by imitating their behaviors. Through the use of automated bots, it is possible for hackers to create fake accounts that are capable of performing many of the everyday things your average user might do on social networking sites, like liking posts, sharing things out, and more. These bots can even be used to turn a profit in certain circumstances.

The possibilities for artificial intelligence in a cybercriminal’s toolbox are just as endless as they are for augmenting the operations of businesses, and it is a threat that should be closely monitored both now and in the future.

Don’t let cybercrime of any type complicate your business’ future. To learn more about what we can do for your business to keep it safe and sound from all kinds of threats, reach out to MSPNetworks at (516) 403-9001.

Smart devices have brought about unprecedented amounts of connectivity in aspects of running a business or owning a home that never could have been dreamed of in the past. People can now unlock their front doors, turn up their thermostats, and even switch the lights on and off through their smartphone. Unfortunately, the part that people don’t like to talk about with these applications and devices is security—big surprise, right?

Most consumers tend to lean toward technology that makes their living spaces easier to manage, but these technologies present their own set of problems and challenges, chief among them being security.

Connectivity Through the Cloud

Smart technology works by sending and receiving data from the chosen smart device, be it a thermostat or a video surveillance system, to your smartphone. It does this through the cloud, but there’s a catch—these connections are often unencrypted and unsecured, meaning that anyone who knows where to look can hijack the transmission and steal that data. If you are going to implement smart technology for your company or home, be sure to look for solutions that come with encryption capabilities, thus securing your connectivity through the cloud.

Be Careful About Permissions

Depending on the application, you might notice that it asks for permissions to use various other applications or hardware on your device, like the camera, microphone, or other data found on your device. Be very careful with these permissions. You must be sure of what permissions you are granting before you actually do so. Depending on what permissions are granted, you might accidentally opt into data harvesting. Furthermore, the more permissions you grant without understanding what they are doing, the more likely you are to get hacked, so it’s always better to err on the side of caution with smart technology.

You may have already noticed, but many of the challenges presented above can be mitigated through understanding the nature of what technology you are implementing and how you are using it. Always understand the details for any device you implement on your infrastructure before doing so, and if you don’t, consult professionals who make it their life’s work to help people like you improve their relationship with technology.

MSPNetworks can help you implement smart technology solutions for your office, but we can do so in a way that prioritizes security in all senses of the word. To learn more about what we can do to help you protect your business and its assets, reach out to us at (516) 403-9001.

Network security can be tough; there’s a lot to know, and you often need to have trained professionals on your side to ensure your systems are as secure as possible. With the right solutions on your side, however, it can be made much more manageable. Let’s discuss some of the most important security features your organization should implement and why.

Unified Threat Management

A UTM is an umbrella term that describes a comprehensive security appliance. A UTM typically includes a content filter, spam blocker, and antivirus software, among other solutions. It’s designed to protect you from the plethora of threats out there through the implementation of a singular hardware-based tool. It’s one security measure that your organization definitely does not want to be without.

Mobile Device Management

With so many people still working remotely or from a hybrid setting, managing your team’s mobile devices and their access to important data is an incredibly important thing to work toward. Mobile device management tools can be used to control user permissions and access to data, as well as whitelisting and blacklisting applications.

Permissions, Access Control, and Monitoring

It’s important that your company understand how permissions, access control, and monitoring work in tandem to protect your company’s assets. In essence, your team should have permissions for only the data they need to fulfill their day-to-day duties, and you should actively monitor who is accessing which parts of your infrastructure.

Virtual Private Networks

VPNs create encrypted tunnels between your network and devices that want to access its data. This protects data from being intercepted or observed while it’s traveling to and from your device. They are particularly valuable for any worker who spends time working outside the protections of your in-house network, and in today’s world of remote and hybrid workflows, they are extremely important.

MSPNetworks wants to be your business’ go-to security resource. We can help you implement any of the above solutions and monitor your systems for any security threats you can imagine. To learn more about what we can do to keep your business safe, reach out to us at (516) 403-9001.

As time has passed, cybersecurity attacks have become another way some organizations and nations engage in warfare. You can argue that there is a war going on at all times in cyberspace while hackers—many of which are sponsored by government agencies—try to outdo security researchers at all turns. One such scenario sees customers in the United States and Israeli defense technology sectors becoming the target of “password spraying.”

Password spraying is a somewhat disgusting-sounding term used to describe the process of hacking into multiple accounts by spamming commonly used passwords. You can see how this can become problematic, especially considering users’ propensity for using variations of these commonly used passwords.

In the above scenario, Microsoft warns that about 250 Microsoft Office 365 customers in the aforementioned sectors were being targeted by these password spraying tactics. Microsoft has called the group performing such attacks DEV-0343, with the DEV moniker being used to showcase that the attackers are, at this time of writing, not state-sponsored. DEV-0343 is thought to originate from Iran.

Less than 20 of the targets were actually compromised, but it’s shocking that such high-profile targets would opt for such basic passwords, to say the least. It’s reported that organizations using multi-factor authentication are at much less risk compared to those who don’t. According to Microsoft, security professionals should be on the lookout for suspicious connections from Tor networks: "DEV-0343 conducts extensive password sprays emulating a Firefox browser and using IPs hosted on a Tor proxy network. They are most active between Sunday and Thursday between 7:30 AM and 8:30 PM Iran Time (04:00:00 and 17:00:00 UTC) with significant drop-offs in activity before 7:30 AM and after 8:30 PM Iran Time. They typically target dozens to hundreds of accounts within an organization, depending on the size, and enumerate each account from dozens to thousands of times. On average, between 150 and 1,000+ unique Tor proxy IP addresses are used in attacks against each organization.”

In general, your organization should be prepared to analyze its traffic for suspicious activity of any kind, particularly during off-times when nobody should be accessing your infrastructure. Furthermore, it’s critical to remember that passwords are, of course, only one part of an adequate cybersecurity strategy and that you should always strive to use multi-factor authentication when possible. Passwords are one part of this process and should be used alongside something else you have, like a secondary device or smartphone, or biometric technology.

You can count on MSPNetworks to stay in the loop regarding any security risk to your business and implementing solutions designed to protect your organization from any potential threats. To learn more about what we can do for your business, reach out to us at (516) 403-9001.

It’s easy to focus on threats that are external to your business, like viruses and malware that are just waiting to infiltrate your network, but what about threats that exist from within? While insider threats are not particularly common in the dramatic, over-the-top way that they are made out to be in movies and media, they are still a very real issue that should be addressed by your organization’s network security protocols.

In a lot of ways, insider threats are even harder to identify because of the fact that it is difficult to discern what activity is acceptable and what activity is not. According to Gartner, there are four types of insider threats. Believe it or not, most insider threats don’t necessarily have malicious intent; rather, they just have a gross negligence for network security and rules put into place that protects your organization’s intellectual property. Let’s meet some of these insider threats, shall we?

Those Who Are Tricked

Also known as the “pawn,” this category includes those who are more or less tricked into becoming complicit with hackers’ agendas through the use of social engineering scams or phishing campaigns. In these cases, hackers are simply taking advantage of others who may not know enough to not go along with it.

Those Who Cooperate

Those who cooperate with third parties to disclose sensitive information or trade secrets, also known as the “collaborator,” are dangerous in their own right. Not only do they leak important information, but they do so with the deliberate intent to harm or create problems for your organization.

Those Who Make Mistakes

Sometimes people just make mistakes because they don’t take security standards seriously or deliberately fly in the face of policies. These folks fall into the category of the “goof,” and their arrogance and negligence is what leads them to make such mistakes. Goofs often make choices that benefit themselves, even if they make things significantly less secure in the process.

Those Who Act on Their Own

Sometimes insider threats emerge on their own without being a part of a bigger effort from a hacker or third party. These threats, dubbed the “lone wolf” insiders, are particularly dangerous if they have high-level access to sensitive information. The reasons for lone wolf insider threats acting the way they do might vary, but even if they are made for ethical reasons, like leaking suspicious practices or dangerous activity, this does not change their status as insiders, as they are still acting with a deliberate intent to damage the organization they work for.

MSPNetworks can help to secure your business from threats of all types, including insiders. To learn more about the methods we use to determine legitimate or illegitimate network activity, reach out to us at (516) 403-9001.

What happens when your company configures something on its infrastructure incorrectly? It turns out, according to a recent data leak, that a lot can go wrong, especially in regards to cybersecurity and the privacy of sensitive records. The affected software was not an unknown third-party application, but was actually Microsoft! How did one of the world’s largest software developers put out software that potentially exposed millions of records? Let’s dig into the details.

The data leak in question affected users of Microsoft’s Power Apps, a software that is widely used by many companies and organizations to share data, including such big-name organizations and agencies such as American Airlines, Maryland’s health department, and New York’s Metropolitan Transport Authority. This data leak was discovered by cybersecurity researchers at UpGuard, who promptly notified Microsoft after determining that the data leak was a potential security issue.

The issue has since been resolved, but throughout the duration in which the data leak was still active, information such as names, Social Security numbers, phone numbers, dates of birth, vaccination records, demographic information, and other sensitive information was unsecured and, therefore, could have been stolen or compromised by hackers. While this information was unsecured and could have been accessed at any point during this time, there is no indication that it was accessed in any improper way.

The crazy thing about this whole fiasco is that Microsoft claims that the application was working as intended and that the root of the issue was the way that the software itself defaulted to a setting that allowed for this type of data leak. Microsoft has yet to comment on why the default setting led to such a lack of security, but they have since adjusted the default settings to allow for greater privacy. Still, this does not necessarily excuse the lax privacy settings that the program defaulted to.

It all goes to show that you can never be too sure that your business’ sensitive information is properly secured, as the consequences of having said data leak can be quite devastating. Under ordinary circumstances, a security audit could have been used to identify this risk, but the fact that nobody knew that this was a concern meant that nobody was actively looking for it and, therefore, the security issue flew under the radar for far too long. It’s just one reason why you need to be extraordinarily careful with any sort of configurations your company makes to any tools that are used to store, share, or disseminate information like any records listed above.

MSPNetworks can help your business ensure that all of its system settings are properly configured, as well as work toward properly securing sensitive information of all types. With us on your side, you’ll never need to worry about whether or not you are unknowingly putting information at risk. We can monitor your network, perform security audits, and fulfill just about any other tasks that need to occur to keep your business as secure as possible.

To learn more, contact the cybersecurity experts of MSPNetworks at (516) 403-9001.

Historically there have been several methods to transfer data from one system to the next, and while the cloud has rendered many of them irrelevant and unnecessary, that doesn’t mean they aren’t used by people looking to move data quickly. Many professionals still opt to use USB flash drives to keep certain data close at hand, but how at risk does this put the data on these drives?

Quite a bit, actually. Let’s discuss some of the many challenges that businesses face when dealing with USB flash storage and how it pertains to network and information security.

Device Size

Consider how small many of these flash drives are. This makes them compact and easy to carry around, and they can store a surprisingly large amount of data for their size. Unfortunately, when a business owner heavily uses a USB flash drive for any reason, they are constantly putting that data at risk of being lost or stolen. What would happen if the user accidentally dropped it while out and about? While some USB flash drives allow for encryption and passcodes to lock access as needed, this is not always the case. For this reason, many users prefer alternative methods of data transfer.

Information Security

When USB devices are used to transfer data and take it away from the workplace or off of the company network, tracking where, why, and how it is used can become quite problematic, especially when it comes to sensitive data that is governed by the various data privacy guidelines in specific industries. In particular, you should be wary of employees taking information such as customer data, financial information, intellectual property, source code, and other important assets out of the office; just imagine the fallout that could happen if employees were to lose their drive, or worse, sell the information themselves to make a quick buck. It’s just one other reason to not use USB flash drives, or at least partitioning off data based on user roles within your organization.

Threat Vulnerability

Just because USB drives are pretty low-tech compared to more modern solutions does not mean that they are any less immune to security threats. In fact, infected USB flash drives can become vehicles for security threats to access networks. Consider the fact that these devices are used to transfer or copy files from one location to another. The more endpoints a flash drive connects to, the more likely it is to become infected. The possibility of these types of threats becoming problematic has been detailed in the past through tactics such as the BadUSB firmware hack, so they must be taken seriously.

 Ultimately, it is much easier to secure a cloud-based data storage system and the devices used to access it, but you know what they say: old habits die hard. Do you still use a USB storage device, and if so, did you learn a thing or two about how to keep them secure? If you don’t want to worry about USB technology being used in such a controversial way, we recommend that you implement a cloud-based data storage system that eliminates the need to use physical hardware that could be corrupted or damaged in transit.

Do you routinely use USBs to transfer data from one place to another? If so, the knowledgeable professionals at MSPNetworks can help you move past antiquated hardware and provide the means to keep your data safe. Give our consultants a call today at (516) 403-9001. 

Have you ever wondered how hackers manage to pull off incredible feats like bombarding networks and servers with so much traffic that they simply cannot function? None of this would be possible if not for botnets. But what is a botnet, and why is it important for your organization to understand? Let’s dive into the details.

A botnet is essentially a network of connected devices that have been infected and taken over by a host. Each device on this botnet can be called a “bot.” The host can then direct these bots to perform various tasks. It should be noted here that the bots on these networks do not have to be computers, like desktops or laptops. They can be smartphones or just about any other connected device. And what is another network that includes all of the above, plus all of those odd devices that don’t normally connect to the Internet? That's right--the Internet of Things--and it’s a network of devices that is increasing in size every day. In essence, the Internet of Things represents endless possibilities for hackers who want to leverage botnets to their advantage.

Botnets are frequently used by hackers to perform Denial-of-Service attacks in which the host directs all devices on the botnet to repeatedly launch attacks at the victim’s network in an attempt to make the service or resources on said network unavailable. Botnets can also be used to perform other attacks, though, and they are incredibly dangerous. Some of the other uses of botnets include stealing data, sending spam, and even allowing for remote access to devices. Like many other types of cybercriminal activity, botnets can even be rented out or purchased in much the same way that other high-profile threats, like ransomware, can.

Navigating network security can be confusing due to the many complexities involved, but don’t worry—you’re not expected to know how to protect your company from every single type of threat out there. All you need to do is know when it’s time to admit that you don’t have to go at it alone anymore. There are so many valuable resources out there that you can leverage to take the fight back to hackers, or at the very least prevent yourself from becoming another statistic in the headlines of news articles following the latest security breaches or data privacy violations.

In times like these, relying on cybersecurity professionals to shore up weaknesses in your network’s defenses can be an incredibly valuable resource. Unfortunately, some organizations see the price tag associated with cybersecurity professionals’ salaries and see them as inaccessible or downright expensive. While it’s true that you do not want to skimp on security, small businesses can outsource this responsibility to a managed service provider like MSPNetworks. You might be surprised by how affordable it truly can be with a managed services approach!

Don’t let your devices become just another cog in the machinations of some hacker seeking to build their own botnet. MSPNetworks can equip your company with the tools necessary to protect itself from the threats associated with botnets. To find out more about what we can do for your business, reach out to us at (516) 403-9001.

What would you say if we told you that someone could buy access to your organization’s network for a measly $1,000? Well, this is the unfortunate reality that we live in, where hackers have commoditized the hard work you have invested in your organization. A study from KELA shows that the average cost to buy access to a compromised network infrastructure is insignificant at best, which is why it’s more important than ever to protect your business as best you can.

This report, published by KELA, followed Initial Access Brokers, an umbrella term used to describe threat actors that sell access to compromised network infrastructures. As you can imagine, these threats play a major role in online cybersecurity, as they are what facilitates many of the most dangerous threats out there that require access to a network, such as ransomware and other remote access threats. This report looked at one full year of listings by Initial Access Brokers to determine just what this type of network access is worth to other threats out there.

The results might shock you when you see how little value might be placed on access to your network. Out of 1,000 listings, KELA found that the average price of network access credentials was roughly $5,400, while the median price was about $1,000. There are other trends here aside from the average prices of credentials, including information on affected industries and countries. Among the top countries affected were the United States, France, the United Kingdom, Australia, and Canada, and the top industries affected included manufacturing, education, IT, banking/financial, government, and healthcare.

Just imagine—a disgruntled former employee or a competitor could potentially cause a lot of expensive harm by simply throwing away a small chunk of cash.

With such a low dollar amount placed on the value of your organization’s credentials, including VPN access, you need to start taking your security seriously before someone decides to purchase access to your network. There are a plethora of things you can do today to improve your organization’s security, including the following:

• Implement comprehensive security measures: We recommend unified threat management, or UTM for short, to deal with the majority of threats your business could run into. This all-in-one solution includes a firewall, antivirus, content filter, and spam blocker to minimize opportunities for your staff to encounter potential threats.
• Monitor your network traffic: If you are tracking who logs into your network and from where, you will have a greater chance of identifying sketchy traffic patterns and address them accordingly.
• Implement multi-factor authentication: Password security is important, but it’s not enough. Multi-factor authentication can ensure that anyone logging into your network is actually who they say they are.
• Take regular backups of your infrastructure: While you certainly don’t want it to come to this, you will want to make sure that you are prepared for the nuclear option on the off-chance that you are unable to regain access to your network.

Don’t get caught unaware by security threats. MSPNetworks can help you implement all of the appropriate measures to ensure that your network is as best protected as it can possibly be. Take proactive action now to prevent them from becoming major problems in the future. To learn more about network security, reach out to us at (516) 403-9001.

We don’t like it any more than you do, but if we have learned anything at all over the past several years, it’s that security absolutely needs to be a priority for all small businesses. In the face of high-profile ransomware attacks that can snuff companies out of existence, what are you doing to keep your own business secure? To put things in perspective, we’ve put together a list of some of the more common threats that all companies should be able to address.

Common Security Threats for Businesses

The following list of threats should give you an idea for how to start securing your business. You can never prepare too much for a potential security breach, so take the time now to get ready for what will inevitably come down the line.

Viruses

Some viruses are little more than an irritation, whereas others are incredibly disruptive to operations. They are basically bits of code that can harm your computer or data. Viruses are known for being able to spread from system to system to corrupt data, destroy files, and other harmful behavior. You can get viruses through downloading files, installing free software or applications, clicking on infected advertisements, clicking on the wrong links, or opening email attachments. Fortunately, modern antivirus software has gotten really good at protecting computers, provided that your software is up-to-date. For businesses, it’s best to have a centralized antivirus on your network that controls and manages all of the antivirus clients on your workstations. 

Malware

Malware is malicious software that performs a specific task. A virus can also be considered a type of malware, albeit more simplistic in nature. Malware comes in various forms according to its purpose, such as spyware for spying on infected machines and adware for displaying ads in extremely intrusive or inconvenient ways. The major takeaway here is that you don’t want to deal with malware in any capacity. It’s often installed on devices under the radar, and unless you are actively looking for it, it’s entirely possible that it can run in the background and cause all kinds of trouble without being detected. You can get malware through the same processes as viruses, and the same antivirus solutions can help you to resolve malware as well.

Phishing Attacks

Phishing attacks are mediums to spread other types of threats rather than actually being threats in and of themselves. Hackers might try to send out spam messages with links or infected attachments aiming to get the user to download them or click on them. When they do, the device is infected. Some phishing attacks are so inconspicuous that they can be hard to identify.

There are other types of phishing attacks as well, some of which try to get the user to share sensitive information or send money to the cybercriminal. Cybercriminals can spoof legitimate-sounding email addresses and use psychological hacks to convince the user to act in a certain way. It’s the most common way that hackers see results, so you should be aware of it.

Ransomware

Ransomware is so dangerous and high-profile that it is deserving of its own section. Ransomware locks down files using encryption and forces the user to pay a ransom in order to unlock them, usually in the form of cryptocurrency. Recent ransomware attacks are also threatening to release encrypted data on the Internet if the ransom is not paid, something which basically forces the user to pay up and gets around the possibility of restoring a backup.

Denial of Service (DDoS)

Denial of Service and Distributed Denial of Service attacks occur when a botnet, or a network of infected computers, repeatedly launches traffic at a server or infrastructure to the point where it just cannot handle the load, effectively disrupting operations and forcing it to shut down. Sometimes this happens with websites or services, so it’s no surprise that businesses can suffer from them, as well.

Trojans

Trojans (also called backdoors) install themselves on devices and work in the background to open up more opportunities for hackers later on. These can be used to steal data, infiltrate networks, or install other threats. Basically, if a hacker installs a backdoor on your network, they can access it whenever they want to; you are essentially at their mercy.

Zero-Day Vulnerabilities

Zero-day vulnerabilities are those that were previously unknown to developers but are currently in use by cybercriminals. These zero-day vulnerabilities are problems because when the developer discovers them and issues a patch, cybercriminals can identify the vulnerability based on the patch, and then exploit users who haven’t installed the patch yet. There is not much to be done besides keeping your software up-to-date, monitoring your networks for issues, and trusting the developers to issue patches as they discover security problems.

User Error

User error is a critical issue for many businesses. Your business is made up of people who perform tasks and work toward objectives. If one of these employees makes a mistake, it could leave your business exposed to threats. Thankfully, a combination of best practices and security solutions should be enough to minimize user error, and with some security training under their belt, your employees should have a good idea of how to handle it.

Get Started with Security Solutions

MSPNetworks can equip your business with the tools you need to be successful when protecting your organization. To learn more, reach out to us at (516) 403-9001.

There are always going to be those who want to use your hard-earned data and assets to turn a profit. One of the emergent methods for hackers to do so is through twisting the “as a service” business model into network security’s worst nightmare. This type of security issue is so serious that Microsoft has declared that Phishing-as-a-Service is a major problem.

Phishing-as-a-Service is not a new concept, and neither is the idea of adopting the “as a service” business model in the context of hacking. The difference between those items and now is that ransomware exists, and it’s one of the more dangerous threats out there to be sure. The biggest challenge that many organizations face, and what makes Phishing-as-a-Service so dangerous, is that it enables even amateur hackers to make money off of someone else’s hard work.

The service entails organizations and groups such as BulletProofLink, a Malaysian phishing service, who sell their clients products like website templates, email delivery, hosting, and credential theft. These services are provided in the form of fully unidentifiable links. The service provider hosts these resources on their servers and works to harvest credentials on behalf of their clients. While the credentials can be stolen—and yes, this is bad—they can also be sold on the Dark Web to others. These other attackers can then use them to launch even more dangerous attacks in the future.

Basically, the one who buys the credentials is not necessarily receiving credentials that are guaranteed to work. They are simply paying for the opportunity to get working credentials.

The aforementioned Phishing-as-a-Service provider, BulletProofLink, provides access to templates for login pages such as Microsoft OneDrive, Google Docs, Dropbox, LinkedIn, Adobe, and more. A different service also uses what is called “double-theft” where the provider steals credentials for one customer and sells them to another. As you can imagine, this affects the ransomware workflow, as attackers can use these credentials to infiltrate networks and encrypt systems, forcing those on the receiving end to pay up.

While the devil is certainly in the details for these threats, we hope that you at least walk away from this article realizing how dangerous and innovative hackers can be. If you underestimate the damage they can do to your business, it might be the last mistake you make.

MSPNetworks can help your business overcome the many challenges that come with cybersecurity. To learn more, reach out to us at (516) 403-9001.

Data breaches have become all too common for small businesses over the past several years and when it seems like there is a solution to one problem, something even worse pops up. Part of a comprehensive risk management strategy is identifying problems and doing what you can to keep them from affecting your business. Let’s take a look at the major cybersecurity threats small businesses are facing in 2021 and what you can do to keep them from hurting your business.

Phishing

For the small business, phishing makes up a large percentage of problematic cybersecurity situations. Phishing is more of a scam than a hack, but regardless of how you view it, it is the most dangerous problem businesses have to face when considering cybercrime. A phishing attack can come on any communications medium (including social media) and it only has to work one time for it to become problematic for your business. 

It works like this: A member of your staff, working at their regular breakneck pace, accidentally clicks on an attachment in an email that they think of as something to do with their jobs. Turns out, the email was spoofed and the attachment just deployed malware on your network. This can be trojans, viruses, or something as terrible as ransomware. 

Phishing is not only the most prevalent form of cyberscam, it is also extremely hard to combat. The hackers that use it are getting more sophisticated, and if your business isn’t evolving your strategies to keep up, you have a pretty good chance of being a victim. You need to have a comprehensive training system in place to tell your team about the dangers of phishing and how to spot possible phishing attempts. 

Poor Password Hygiene

Like passing that guy at the gym that always smells like B.O., it’s a sour situation when poor password hygiene is the reason for a data breach or a malware infection. Like phishing strategies, today’s hackers have very sophisticated strategies to guess people’s passwords. Not only that, social engineering can expose poorly made or duplicated passwords pretty easily. 

Passwords are used by almost every organization online and it is important that your employees select passwords that aren’t obvious and aren’t duplicates from other accounts. It is also important that your organization understands how to keep their data safe through the use of password best practices, such as not having employees constantly change their passwords, as they have a tendency to make them simple to remember or they don’t change them much from previous passwords.

Holes in Software

Like most other products, software titles have a support staff attached to them. These teams include development professionals whose job is to keep it secure. These patches are rolled out pretty regularly. If you don’t patch your software, you could have major holes that can be exploited. These vulnerabilities are regularly taken advantage of and are effectively open doors for hackers to get into your network.

The best way to keep these vulnerabilities from appearing is to regularly patch your software with the updates as they come out. Doing so will close the proverbial doors to your network and data and keep your digital resources safe. 

If your business would like to talk to one of our IT experts about getting the cybersecurity protection you need, or if you would learn more about which strategies work the best to keep your business’ network and infrastructure free from threats, give MSPNetworks a call today at (516) 403-9001.

We believe that at the end of the day, employees want to do the right thing and accomplish their daily tasks without incident. However, technology can often break these plans with unexpected issues that prevent them from doing so. If you don’t take the time to provide the proper IT support when it is needed, you force your employees to either be unproductive or find unconventional (and often unsecure) solutions.

Employees Using Unsecured Devices

Generally speaking, your employees will use their work technology to fulfill their obligations, including their desktops or perhaps a work-issued laptop or mobile device. Unfortunately, depending on how well these devices are maintained, they may be slower than the technology employees use when they are out of the office. This may lead them to using technology that is not governed by your security solutions, such as their personal devices, simply because they work better than their work-issued devices.

Therefore, it is crucial that you manage and maintain your organization’s devices in a way that makes sure they are working optimally. You should follow this up with a comprehensive Bring Your Own Device policy that outlines how employees are allowed to utilize their mobile devices for work purposes. Doing so will save you a lot of grief in the long term.

Unauthorized Software Downloads

There are times when your staff will require specific tools in order to perform a function of their job. If they do not have the appropriate tools to accomplish the task, they may choose to download applications from the Internet that allow them to do so. These applications are often dangerous to utilize, as they are outside the scope of your company’s software infrastructure, and who can really tell if the application used is secure or not?

This is especially problematic for software that requires a software license. Imagine for a moment that one of your employees is going about their daily tasks without any disruptions, only to be brutally severed from the tools needed to perform these duties by an expired software license. In their desperation to keep working and meet required deadlines, they might download some free software or perhaps one with a counterfeit software license. While this solves the short-term problem of getting work done, it could come at a steep cost should your organization become subject to network audits or otherwise.

In the end, being proactive about technology support is the only way you can prevent these issues from breaking your business and budget. While your employees might feel like they are being proactive in finding a solution, you shouldn’t have to rely on them finding the solution for themselves; instead, provide them with a protocol to follow so that you know they will seek the help of experts when it is needed.

MSPNetworks can be those experts. We want to help your employees do their jobs in the most effective way possible, be it through implementing new and innovative solutions or assisting them with their daily duties through comprehensive IT support. Let your team focus on what they know best: their own jobs, not keeping their computers and other technology in proper working order.

To learn more about how we can help your employees stay productive throughout the workday, reach out to us at (516) 403-9001.

To say someone is adept at a task is to say that they are a professional, or someone with a considerable amount of knowledge that contributes to their ability to complete a particular task. In cybersecurity, this is extremely important, as the entire concept of cybersecurity is complex by nature. Your business too can improve its cybersecurity practices and shift focus to a more mindful approach to network security.

First, let’s consider some of the challenges that small businesses face related to cybersecurity. Then, let’s talk about what it means to be a security professional and how your organization can use this knowledge to its benefit.

The Challenges of Security for SMBs

Security is a huge problem for small businesses, especially those that don’t take it seriously or think that they are not a target. The truth of the matter is that hackers don’t care how many employees you have or what industry you are a part of. Your business has data that hackers would find valuable, period. While many want to take it seriously, there are barriers that many businesses perceive to be in the way, chief among them a lack of security expertise and a lack of funds to hire top cybersecurity talent.

What Does It Mean to Be a Cybersecurity Professional?

This might seem like an odd question to ask, but we want to make sure that businesses understand what they must look for in a cybersecurity professional. Here are some traits that a security professional will have:

• A focus on proactive, preventative defenses rather than a reactive approach
• A divorce from security biases that prevent one from making objective decisions
• The technical knowledge and expertise necessary to understand cyber threats
• An understanding that security also requires training of staff and higher-level executives
• The flexibility to adapt to new threats and learn from them

Ultimately, whoever is at the helm of your cybersecurity strategy must possess these personal and professional traits. Failing to do so puts your organization at risk.

How to Become a Cybersecurity Adept Yourself

We won’t beat around the bush with this one; you are not going to become a cybersecurity professional overnight. Technicians have to undergo extensive training that involves meticulous attention to detail and a thorough understanding of the countless threats out there, as well as knowledge on how to respond to each of them. Suffice to say there is a reason why so many businesses choose to outsource this responsibility.

In a sense, trusting your organization’s security to outsourced professionals does make you a cybersecurity adept. Not only do you acknowledge that there are professionals whose jobs are specifically to handle this responsibility, but you also understand that security is nothing to mess around with. It’s a win-win scenario. MSPNetworks can be the professionals you trust your organization to. To learn more, reach out to us at (516) 403-9001.

Phishing attacks are some of the most common threats out there. Hackers will craft messages or web pages designed to harvest information from your employees, be it through suspicious requests for credentials via email or through false websites that look so much like the real thing that it’s no wonder they were tricked. How can you make sure that your employees don’t fall for these dirty tricks? It all starts with comprehensive phishing training.

So, what goes into a successful phishing training program? Let’s take a look.

Phishing training involves exposing your team to simulated real-world scenarios in which they might encounter a phishing scam. It’s worth mentioning here that phishing can potentially involve much more than just a simple email containing requests for sensitive information or forms on websites asking for credentials. Phishing can come in the form of phone calls, text messages, and other communication mediums. Therefore, it becomes of critical importance that your staff have the skills needed to identify these phishing scams in whichever form they take.

As for what this phishing training might look like, it depends on the context. Training might take a more passive approach with videos, but it also takes on more active approaches with interactive workshops and hands-on training exercises.

One of the best ways to get a feel for how well your employees understand phishing attacks is to test them without them knowing it using these simulated attacks to see who takes the bait and who doesn’t. In this way, you can get a sense for how they would react under normal everyday circumstances. This type of threat awareness is important to gauge where your employees are in regards to cybersecurity, and it can give you an idea of which employees need further training.

We want to emphasize that phishing training is not about calling employees out on reckless behavior; rather, it’s about corrective practices that can help your business stay as secure as possible long-term. It is better to find out which of your employees struggle with identifying phishing attacks in simulated situations than when the real deal strikes, after all.

Look, we all want to trust our employees to do the right thing and know better than to click on suspicious links in emails, but at the end of the day, wanting something and actually getting it are two entirely different things. We need to accept reality and admit that hackers can and will succeed in their phishing attempts if we don’t do anything to prevent them. The best way to keep phishing attacks from becoming a nightmare scenario for your business is to implement comprehensive training practices and consistently reinforce them with your staff.

MSPNetworks can give your employees the training they need to keep from falling victim to phishing attacks. After working with our trusted IT professionals, your employees will know how to identify phishing attacks and how to appropriately respond to them without risking your organization’s security. To learn more about our phishing training and other security services, reach out to us at (516) 403-9001.

It’s no surprise that mobile technology has infiltrated the workplace in more ways than one. Many businesses issue company-owned devices to their employees to get work done while out of the office, while others allow employees to bring their own devices, or use their own laptops and smartphones for fulfilling their day-to-day duties. That being said, it’s important to remember that mobile devices need to be managed in a very specific way to maintain security.

Let’s discuss how your business can manage the benefits of mobile devices in the workplace without sacrificing security.

Remote Wiping

Let’s say that one of your employees goes on a business trip and they set their briefcase down for a moment while they order a cup of coffee or some other task. When they return, the briefcase is gone, along with any devices that were in it. Besides scolding the employee for their negligence, your first thought might drift to the question of “What about the data found on that laptop?” What might the thief do with such data? The possibilities should have you concerned. Should you fail to recover the device, you will want the capabilities to remotely wipe the device of any and all sensitive data. This is to ensure that hackers don’t make use of it against your organization and to comply with various data privacy regulations. While it might stink to lose the device and have to replace it, it would stink more to have that data fall into the wrong hands.

Whitelisting and Blacklisting Applications

Some smartphone and desktop applications will be more secure than others, meaning that you will need to be extra cautious in what you allow applications to access on your devices. While we encourage all users to pay attention to what permissions are granted to applications, this is especially important for businesses. You should have the capabilities to whitelist and blacklist applications based on their potential merits or risks, thus keeping your devices (and data) as secure as possible.

Managing and Tracking Devices

Finally, you will want to consider a method for keeping track of any and all devices used to access your organization’s data. This includes any company-issued devices and employee-owned devices used for work purposes. You want to know who has which device at any given time, when that device was issued, what the employee is using the device for, etc. All of this helps you keep track of devices so that you can be sure they are being used effectively and, most important of all, safely.

Implement a Mobile Device Management Policy

If you want a comprehensive all-in-one policy to keep track of your company’s mobile devices, look no further than mobile device management from MSPNetworks. We can help your business stay on top of its mobile devices and reinforce best practices at every turn. To learn more, reach out to us at (516) 403-9001.