Posts

What Exactly Is a Security Posture & What Does It Mean to Your Business

Our business ecosystems have begun rapidly changing, with cybercriminals evolving rapidly, a new vocabulary is developing. A new addition to the lexicon of many is the concept of “Security Posture.” Another techy-word, referring to the strength and security of your IT infrastructure. Putting an increased presence on internet-born vulnerabilities for business technology. How you manage current hardware and software purchases, policy & procedure generation and controls.

What Makes-Up Your Security Posture

Any of these singular aspects are defined under cybersecurity, your security posture develops the likelihood of a breach, and what it would take for hackers to gain access to these critical pieces of network technology, but also the state of your employees, and if they can spot similar threats, making these difficult for many to observe.

In the context of managing cybersecurity, larger organizations, including Directors of IT, Chief Technology officers, and any compliance officer, must make decisions based on the deliberation and analysis of their security posture. Generating a better understanding surrounding certain aspects of your cybersecurity approach, but this is simply not enough anymore. In today’s connected age a more holistic approach is needed to meet regulations and compliance. Read more

Cyberattacks Using SSL Encryption Swells the Success Rate of Malware to 400%

Utilizing Microsoft’s latest partner release of the 2019 Security Intelligence Report, a report put together to inform Microsoft and Office365 Partners of the latest threat-analytics to hit the landscape. Of the 470 billion emails analyzed, the year-to-date trend was well over 250% since it’s last publication in 2018. As phishing attacks continue to trend upwards, attackers are beginning to leverage more sneaky tactics to accomplish their end goal, including blackmail, extortion and worst of all, data corruption.

For many businesses, encryption has become the norm as cyber-criminals begin looking to disrupt operations to turn a quick profit.  One of the largest goals behind any cyber-attack is stealth, the longer a malicious activity goes on unnoticed in your systems, the greater the chances of their attack succeeding. One popular avenue has begun involving SSL encryption to disguise the transmissions of the attack from your local anti-virus or malware agents.

As previously warned, these attackers are persisting to utilize website encryption to provide users with a false sense of confidence while surfing or researching something on the web. As we have mentioned here, Security Awareness Training can assist in informing your employees of the perils found in today’s connected businesses. Begin scrutinizing the sender’s domain name, and the content they want from you.

  • Phishing – 2.7 Million phishing attacks occur monthly, a 400% increase since we’ve been tracking these states in 2017.
  • Content is King – 196 Million instances of “malicious content” including websites, malicious scripts, and malvertising we all found on some of the most well-known websites this year.
  • Botnets – 32 Million botnet callbacks were performed and blocked on average each month since 2018
  • Domains – 32% of all spoofed domains or websites were using SSL to deliver content.

Most Phished Brands through HTTPS:

  1. Microsoft Office365 or OneDrive – 58%
  2. Facebook – 12%
  3. Amazon – 10%
  4. Apple or iTunes – 10%
  5. Adobe – 4%
  6. Dropbox – 4%
  7. DocuSign – 2%

By preparing your employees with a security mindset, we broaden business’ stance on security, to better prevent things like SSL attacks from reaching your end-users. Each of these acts leverages more ways for cybercriminals to establish credibility, and the context needed to fool business.

Recently, I received an email from one of our clients in the North Bay, and they copied me on an email that was dressed up to represent a Microsoft Office 365 notice. Now, this notice contained links to an “invoice” that were crafted and carefully coded, to send the staff to a fake Russian URL, where Office365 logos were plastered everywhere. Even more conveniently, was the willingness for this HTTPS encrypted website to take down ANY information relating to my own personal Office 365 account. Thankfully, this partner reached out to our staff to double-check the status of their Office 365 account and wouldn’t you know it, no issues were reported.

(Email Pictured Below)

7 Cybersecurity Tips That Give Your Business an Unfair Advantage in 2019

Clare Computer Solution’s partner and security experts, Webroot, revealed the findings on their 2019 Threat Report, displaying many “tried-and-true” attack vectors or methods are still at the top of the list, with new threats emerging every day. It would appear the attackers are innovative, to say the least. This comes just in time, as many of our partners spoke to these very claims at the 2019 RSA Conference hosted just last week in San Francisco, California.

Hal Lonas, Chief Technology Officer at Webroot reports:

 

“We wax poetic about innovation in the cybersecurity field, but you only have to take one look at the stats in this year’s report to know that the true innovators are the cybercriminals. They continue to find new ways to combine attack methods or compromise new and existing vectors for maximum results. My call to businesses today is to be aware, assess your risk, create a layered approach that protects multiple threat vectors and, above all, train your users to be an asset—not a weak link—in your cybersecurity program.”

Clare Computer Solutions Couldn’t Agree More; Here are some from Webroot’s 2019 Security Report highlights:

  1. A staggering 40% of malicious URLs were found on “good” or “safe” domains. Legitimate websites are frequently compromised to host malicious content. To protect users, and employees data cybersecurity needs URL-level visibility or domain-level metrics to accurately showcase these dangers. Far too often, standard antivirus or endpoint protection can lack the capabilities, leaving these links in an employee inbox.
  2. Phishing attacks have increased by 36%, with the number of malicious sites swelling to 220% from last year. We’ve even seen phishing sites use SSL Certificates, and HTTPS to trick unknowing users into believing they’re secure and legitimate. Microsoft’s latest Security Intelligence Report, confirms this with analytics reporting 250% increase in phishing messages being sent through Office 365.
  3. 77% of spear phishing attacks impersonated financial institutes, and most likely to use HTTPS over other types of target. With over 80% of financial institutions finding compromised links residing on an HTTPS page.
  4. Google followed by Microsoft, and UPS/FedEx ranked among the most impersonated brands in phishing overall for 2019.
  5. Security Awareness Training reports from Webroot and KnowBe4 both show an average of 80% less likely to fall for phishing attempts, especially with phishing simulations, and on-demand training.
  6. One-third of all malware makes attempts to hide inside of %appdata% folders. What makes these locations price for hiding, is the commonality between paths. Every user directory, with full user-permissions, will install here and are hidden by default in most operating systems. Although malware can and will hide almost anywhere, the most common locations are as follows:
    – 29.4% in %appdata%
    – 24.5% in %temp%
    – 17.5% in %cache%
  7. Devices using Windows 10 are at least 2x more secure than those systems still on Windows 7. Webroot has reported a steady decline in malware on Windows 10 machines in the business space.

Furthering your Security Measures

While ransomware was less of a problem in 2018, it has become more targeted, and companies, customers, and employees will fall victim to ransomware. In 2018 many attacks saw the use of Remote Desktop Protocol (RDP) as an attack vector. Leveraging tools to scan systems with inadequate RDP settings. It’s these unsecured RDP connections that hackers can use to gain access to a given system and browse through all its shared data. Further providing criminals with sensitive information that ransomware can exploit.

Begin furthering your security measures today, with the use of a cybersecurity assessment. Easily track your current security posture, and rely on the experts to build you a roadmap for securing your business. Dive-deeper into your network than ever before, with the use of our Security Posture Assessment from Clare Computer Solutions. If you wish to view the Webroot report, you can find that here.