Business Solutions & Software Group Blog

Phishing attacks are a fashionable strategy for many cybercriminals and have been for some time. From the infamous Nigerian Prince email scam to the generic urgent message from the bank, most people have seen at least one example of phishing hit their inbox.

We’ve all seen them: the scam emails that are so obviously a scam, you have no idea why a scammer or a cybercriminal would even bother sending them. It just so happens that there is a very good reason that criminals continue to use these transparent attacks, as they have done for centuries.

With so many people working from home due to stay-at-home orders resulting from the COVID-19 pandemic, IT security may not be at the forefront of users’ minds. Unfortunately, scammers and hackers aren’t unemployed during this time and are still causing havoc for businesses of all sizes. Let’s take a look at cybersecurity during COVID-19.

When it comes to cybersecurity, automation can benefit many of your processes and protections. Let’s review how automation can be used to protect your business, and by extension, your livelihood.

The term “hacker” has firmly become a part of the public lexicon, thanks largely in part to pop culture and its liberal use of the term. However, the use of the term so frequently has effectively diluted its meaning to “someone good with computers.” In order to keep your business secure against the hackers of the real world, it may help to understand the motivations behind their activities.

Fishing - a jerk on one end of a line waiting for a jerk on the other end.
Phishing - very similar to fishing, but much more consequential.

While the word phishing is humorous and relatable due to it being derived from the word “fishing”, the consequences of falling victim to a phishing attack are far from comical. Today we will discuss just how serious these attacks can be, and the easiest way to prevent them.

With data starting to be treated more like a commodity, companies are spending more time and money attempting to secure the data they have. Some organizations aren’t successful. In 2018, over 446.5 million records were exposed, even as data breaches dropped by 23 percent to 1,244. Back in early May we took a look at data breaches over the first four months of the year. Today, we update this list.

Have you ever wondered what happens when hackers gain access to state-developed malware tools? Well, now you don’t have to; a type of malware called Double Pulsar, that has been utilized in the past by the NSA, was bundled with a Chinese hacking tool and used to carry out attacks on Hong Kong and Belgium in 2016. Needless to say, this threat is unnerving.

If you were to ask us what one of the most important cybersecurity features to have is, chances are, we’d answer “secure passwords.” Sure, this might be the answer that you’d hear from everyone, but that’s because it is really that important. For our tip, we’ll illustrate how it’s so important by examining a few key processes hackers use to crack a password.

2018 has been the year of the hack. The problem, so was 2017, 2016, and so on… Marriott International has announced that they have had what could be the second largest data leak in history. They are saying that they are responsible for a data breach that leaked some 500 million records over a five-year span.

Each day tens of thousands of people from all over the world are hacked. Not just sent run-of-the-mill phishing emails, but legitimately hacked. This has made the cybersecurity industry grow at a rate only surpassed by the Internet of Things (which ironically may be one of the largest threats to cybersecurity in the world). We thought it would be good to go over some of the largest cybercrimes of the first half of 2018, and some telling statistics that will give you an idea of what exactly you are up against.

Artificial intelligence has been making waves in the world of cybersecurity, as machine learning could potentially make the solutions we have today smarter and better at their intended jobs. However, artificial intelligence has also appeared on the other side of cybersecurity, as cybercriminals have begun to leverage A.I. as well.

The Internal Revenue Service has declared to tax professionals that they must take extra steps toward protecting the information of taxpayers. Certified Public Accountant (CPA) firms, whether they are large organizations or small businesses, hold much information that could be used by hackers and identity thieves, which makes them major targets during tax season.

If you were a cybercriminal, what would be your preferred method of launching a ransomware attack? Would you rather create a catch-all threat that could capture as many potential victims as possible, or a calculated approach to land a big one? Despite the proven results of larger ransomware initiatives, most cybercriminals have made the shift to smaller, more targeted attacks against specific companies, and in some cases, individuals.

How quickly could your business recover if it were suddenly hit by a Distributed Denial of Service, or DDoS, attack? Are you protected against the effects they could have on your operations? If asked these questions, most businesses should want to say yes, but in reality, over half lack the means to defend against DDoS.

Social engineering is one of the trickiest parts of protecting your organization. It might sound like something out of a science fiction flick, but it’s one of the most dangerous attacks that a hacker can use against your business. Social engineering attempts to manipulate the target into giving away sensitive credentials or personal information for the purpose of stealing identities and other malicious intentions.

There are times that hackers can’t interfere with data, and then there are times that hackers really can’t interfere with data. CERN, the Conseil Européen pour la Recherche Nucléaire (European Council for Nuclear Research) maintains far too powerful of a computer grid to risk it falling into the control of hackers. To protect it, CERN leverages the cutting edge of security to protect its European Laboratory for Particle Physics: artificial intelligence.

As much as we personify the items in our life, we should remember that they are just that: items. However, technology has made it so that these items seem to be getting smarter through artificial intelligence. The first computer to play chess against a human opponent was introduced in 1956, and ever since, humanity has strived to make progress in the field of AI. In fact, AI is so valuable that even hackers are trying to take advantage of it.

In what is one of the first attacks of its kind, a botnet dubbed WireX swept across 100 countries, controlling over 120,000 IP addresses at its peak. The factor that made WireX so unique was the fact that the botnet was made up of Android-powered devices that had one of 300 malicious apps downloaded from the Google Play Store.

As we hear news about large-scale hacks and data breaches, there’s a temptation to picture attacks like those in television shows and films like Mr. Robot, Live Free or Die Hard and other works of fiction. These attacks are often carried out by criminal geniuses or nefarious nation-states, utilizing of a crippling zero-day vulnerability or superbug to bring society to its knees.