Here we are, months later, still dealing with the changes this pandemic has created. Most changes haven’t been fun, but it’s made for very interesting times. Many businesses are focused on balancing between more or (for some) less work, figuring out how to maintain staff, motivate existing staff remotely, determining how to keep staff busy and preparing for what tomorrow will bring as we slowly start to come out of the COVID-19 quarantine. Now, more than ever, is the time to re-evaluate your businesses Security Posture and implement solutions you may have been hesitant to consider previously. It’s predicted that by 2021, cyber crime will cost the world $6 trillion annually. Even more frightening is the fact that on average, there is a hacker attack every 39 seconds Read more
Insider threats cost companies millions. According to the Ponemon Institute’s recently released study ”2020 Cost of Internal Threats.” In the last two years we have seen a 31% increase in threats emerging from inside an organization. Costs range from $756K to $871K per incident, depending on the type of breach.
There are three types of Insider Threats:
- Careless, Negligent Employee or Contractor– These are well-intentioned employees or other users who accidentally harm the enterprise. These incidents happen all the time, but a lot of people don’t think about this threat. Employees constantly make mistakes that put company data at risk — whether that’s because they’re careless, taking shortcuts, or simply uneducated in security. These mistakes add to the challenges faced by IT Teams daily. Ransomware, for example, is often put on a computer because of an employee’s careless browsing or download habits. Phishing attacks are another great example.
- Malicious Insider – This is the disgruntled employee who sabotages company data as revenge. This could be the employee who steals proprietary data to take to their new firm or the customer service rep who copies credit card data to sell online or the sales rep sharing competitive information. It’s anyone who intentionally harms their employer, whether for revenge, personal gain, or any other reason. These guys know exactly what they’re doing.
- Credential Thief – These are outside hackers who steal credentials to gain inside access to your system. Once an outsider gains access to your system, they are effectively acting as an insider. The methods that you need to detect and stop them are the same as any other rogue employee. While many don’t think about these guys as “insider threats”, they’re a huge danger operating from within your environment, so they are very much an insider threat. These guys damage brand, reputation and generally wreak havoc, often looking for personal financial gain.
Of note, the negligent insider has been identified as the root cause of most incidents (with average costs of $756K), while the malicious insider risk is the most costly (with average costs of $871K). And the longer it takes to identify the breach, the more costlier it gets. With the average incident taking 77 days to contact this adds up to a costly amount!
The data shows that most organizations need to be more vigilant about insider threat incidents, which often fly under the radar until it’s too late. Many organizations believe that they can address insider threats with their existing, externally-focused security solutions, when a dedicated insider threat management strategy may be a better overall approach. Here are a few tips Clare Computer Solutions Recommends:
- Implement an Endpoint security solution, backed by a Secure Operations Center, that can quickly identify insider threats and provide immediate support.
- Limit access to non-essential data or limit the duration of time users can access the information needed for a task.
- Use AI solutions to Identify behavioral indicators of potentially malicious insider threats
- Periodically evaluate the organization’s risks through dark web monitoring for credential leaks.
- Establish consistent, repeatable processes that educate all employees through Security Awareness Training.
- Begin considering the impact an insider threat could have on reputation and brand, in addition to the financial costs
Contact Clare Computer Solutions to discuss your organization’s security posture and how our team can protect your business from insider threats.
COVID-19 continues to create opportunities for the “bad actors” to wreak havoc. In this week’s blog we discuss the latest security concerns created by the COVID-19 pandemic, specifically around Ransomware. This quarter saw a 33% increase in ransom from Q1 2020, with average payment requirement of $111K! It’s the seventh straight quarter that system hijackers have reaped more money and shows that this security breach continues to grow. Compare this to the previous numbers we shared in which the average ransom in Q4 2019 had increased from $84,116 reflecting a staggering increase from $41,198 in Q4 2018.
2020 Findings for Quarter #1 (Q1):
Ransomware Attack Vectors:
- RDP Compromise remains at 60%
- Email Phishing rose to 26%
- Software Vulnerability dipped to 10%.
**Poorly secured Remote Desktop Protocol (RDP) access points continued to be the most common attack vector in the last two quarters.
- Companies in the Professional Services Industries are the most commonly targeted
- Healthcare Companies
- Public Sector entities – schools, government
- Software Services Companies
Average Size of Companies Targeted by ransomware:
- The median company size victimized was 62 employees for Q1, 2020, a 2.5% rise from Q4, 2019.
Average Downtime From Ransomware Attack:
- The average downtime for a business compromised was 15 Days
In addition, Cybercriminals are now weaponizing sensitive data to increase pressure on their ransomware victims. More than just asking for a ransom to gain access to your data, they are now threatening to sell your data. Of note is that 99% of ransomware attackers demanded their ransom be paid in Bitcoin; the remaining 1% asked to be paid in Dash or other privacy coins. This has created even more issues and downtime for many companies as they had to scramble to set up BitCoin accounts. (Typical time to set up a BitCoin account is 2-days)
If You Haven’t Done so Previously, Now Is the Time to Evaluate Your Security Risk
Ransomware attacks are becoming more sophisticated and cybersecurity professionals are taking action. With the right tools, you can prevent, detect and respond quickly to ransomware attacks threatening your organization. Clare Computer Solutions offers a suite of security solutions to mitigate your risks. Cyber-extortionists will stop at nothing to steal your business data. Companies victimized by phishing emails and ransomware seek immediate assistance. Talk to your Account Manager or Virtual CIO to discuss your options for a greater security posture.
Uncertainty about the availability and allocation of financial relief funds for the COVID 19 pandemic has confused small business owners while simultaneously creating new opportunities for cyber attackers to prey on unsuspecting victims. Per a recent article published by IBM and Morning Consult, nearly 40 percent of small business owners believe they’ve been targeted with malicious coronavirus (Covid-19) spam emails. This new phishing scam has created an open door for those bad actors to wreak more havoc during this already stressful time.
Since mid-March, Covid-19 related phishing lures mimicking the Small Business Administration (SBA), the World Health Organization (WHO), banks offering relief funds, the U.S. Federal Reserve and other government organizations, have spiked by 6,000 percent, according to the report. For example, spam that impersonates the SBA and promises government relief funds trick victims into opening a spoofed application attachment that triggers a malware infection. With this continued rise of phishing attempts Security Awareness Training has never been more important. As you can see from the statistics below people are expecting to receive COVID-19 information and updates. As such, users may let their guard down and be easily tricked. “The data and intelligence should remind us that there is no honor among thieves,” the report reads. “Cyber criminals will continue to view times of uncertainty as an opportunity, seeking new ways to exploit targets when they have their guard down.”
As coronavirus (COVID-19) forces more employees to work from home, businesses are adapting to a new remote-work business model as quickly and effectively as possible. Although technology has made this process easier, our professional identity is temporarily confined to a small square of video.
Today we’re sheltered in place, but even when COVID-19 is over we will be a society that’s learned to do business remotely. Remote working and virtual meetings are here to stay. Whether you are doing one on one calls, or joining in a large group meeting, quality and etiquette that stands out as better than average gets noticed. Make sure that you stand out for your preparedness, professionalism and content. Read more
Growing interest in up-to-date news on the COVID-19 (Corona Virus) is making many vulnerable to online cyber-attacks. Hackers are exploiting the public’s need to feel safe and in control, through phishing attacks.
Did you know Cybercriminals have ramped-up phishing attacks over 667% in the month of March alone?
With cybercriminals in a feeding frenzy, it’s super-important to conduct phishing training during this time. Make sure that your users are prepared. It’s better to have a “fail safe” in place and direct your users to a learning moment, than to have an employee click on a phishing email and have your entire organization experience a breach. According to Symantec, phishing emails have risen, common spoofs include the Center for Disease Control (CDC) Health Alert Network. Claiming to provide a list of local active infections, the links takes eager readers to a sign-up form that collected emails and passwords. Once these email/password pairs are stolen and in the hands of a cybercriminal, the damage can be catastrophic. Hackers use such methods to deliver payloads as: clicking a link, opening a PDF, or installing a program that infects your systems. Read more
These are difficult and uncertain times for all of us. At Clare Computer Solutions we are helping many firms change the way they work as a result of COVID-19 and we are here to support you.
- Building a remote workforce quickly and securely? We can help you.
- Turn in person meetings and conferences into virtual events? We can help you.
- Need to improve communication between staff and clients? We can help you.
- Looking to help your employees to collaborate better? We can help you.
- Concerned about Ransomware, Network, or Virus Attacks? We can help you.
- Implement Cloud-based security and monitoring tools to protect workers outside of secured site environments? We can help you.
- Provide on-going support and maintenance of your systems? We can help you.
- Short term or long term needs? We can help you.
Many companies find themselves in a position where a remote workforce has become a sudden necessity. The Corona Virus (COVID-19) Pandemic and the ‘Shelter in Place’ order has forced most companies to move quickly when applying rapid changes to the network. Businesses are feeling the pain, scrambling to ensure entire your workforce can remain productive and secure while working from home.
We at Clare Computer Solutions, first and foremost, hope that wherever you are that you are staying healthy and safe during this unprecedented and challenging time. These are difficult and admittedly uncertain times for all of us.
Clare Computer Solutions continues to provide service with integrity during this shelter at home order supporting our clients, community and employees to the best of our ability. As an essential business supporting other essential businesses, we’re committed to being a reliable partner to our clients and their end-users in difficult times – just as we are in good times. We remain open and available to provide you with the latest, most current information and technologies you need to keep your businesses running and are committed to doing our best to complete all active projects. We are available to assist any new clients with their design, implementation and support needs during these challenging times proving remote and onsite assistance.
We appreciate your support and want you to feel confident that the Clare Team remains available to help guide you through your IT Technology goals and IT Support needs, in spite of the rapidly changing environment.
With flu season wrapping up, and the corona virus a real threat to many businesses here in the SF Bay Area, remote work could quickly become the norm. Regardless of policy, this opens many businesses up for credential stealing hackers to strike. With many workers out this time of year, business’ find themselves wondering how they can prevent cyber attacks, and infiltration as credential stealing becomes more popular than ever before.
Being a Small business used to be known, as a hacker deterrent; unfortunately that is no longer the case. Business owners have taken notice, and many have already began enhancing their security. For many SMBs, the dark web isn’t on their radar but it should be. Read more
Business Email Compromise (BEC) now encompasses the largest threat to business. Designed to evade traditional email security, Business including gateways and spam filters, spear-phishing attacks are often sent from high-reputation domains or compromised email accounts. Attacks typically use spoofing techniques and include “zero-day” links, unlikely to be blocked by URL-protection technologies.
Better enforcing your ability to curve attacks and avoid these scams. A lot of the time, attackers impersonate the HR, IT or Finance Teams, instead of an individual. Often, requests appear from a senior executive or trusted colleague. Read more
Our support is available 24x7: (925) 277 0690
- Monday-Friday: 8 AM to 5 PM
- Saturday-Sunday: After-hours Support