immune

No One Is Immune

immuneDo you remember when the Ebola virus caused world-wide panic a few years ago? The killer virus appeared to be out of control and there wasn’t enough supply of vaccine or enough time to distribute it.

Like the script from a sci-fi horror flick, “No one is immune! Ebola is coming to get you!”

Of course, there were those who believed that it could never happen here. There always are. They are the ones who won’t get a flu shot then wonder how they got the flu several months later.

Real World – Virtual World – Same Problem

The same irrational thinking prevails in the virtual world. Even though, as we have cited before, more than 60% of small businesses have been victims of cyberattacks, the other 40% still think they are immune.

But, according to a recent article in TechTalk, the size of the business is not the only reason some businesses have a false sense of security. The article noted that some corporate enterprises feel that their systems are safe because they operate using a different system. In particular, the misconception is alive and well amongst users of Linux, Ubuntu, and iOS.

The assumption is that “users believe Linux, Ubuntu and iOS are more secure because in most malware cases, Windows users are the victims. Although it is true, Windows PCs are highly targeted, this is only because of their large market share. . .  hackers can cast a wider net when targeting Windows PCs than if they were to target Linux, Ubuntu or iOS.”

That sounds like the small business owners’ reasoning that they won’t come after me because I’m too small. Not only wrong, but proven wrong.

It is also becoming abundantly clear that Linux, Ubuntu, and iOS system have been under attack. They just haven’t grabbed the headlines. Yet.

The first rule of thumb in any security business is never assume you are safe from attack. That goes for cybersecurity, too. The faster technology grows, the more we are exposed to security breaches. It doesn’t matter what size your business is – or what operating system – you use. Your technology needs to be guarded.

Guarding your technology is what we do. We work diligently to keep you aware of potential dangers and how to take a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

What in the World Are Hackers Thinking?

hackersWe already know what we think when our digital technology has been compromised by some &^%#$* hacker and her (yes, her!) virus, malware, ransomware, or phishing expedition. We get frustrated and downright angry. Have you ever wondered, what the hacker was thinking or what motivated her? We thought it might help to understand.

A recent report published by Government CIO indicated that,

“Most cyber criminals are motivated by the commission of a crime. It is a psychological issue that defines them as people with some super traits that cause antisocial behavior. Possibly, these people suffer from one or more forms of psychological disorders that seek to gain recognition or personal gain from illegal activities.

Other personality traits exhibited by the cyber criminals include “self-centeredness, grandiosity, callousness, and lack of remorse or empathy for others coupled with a charismatic, charming, and manipulative superficiality.”

Does that give you a warm, fuzzy feeling? We didn’t think so. Perhaps this will help. In late 2016 Digital Endpoint described eight common types of hackers along with some insights into what motives them.

TYPE PERSONA MOTIVATION
White Hat Good guys Companies employ them to test software, websites, and systems from criminal hackers.
Black Hat Guns for hire They get paid for stealing information by the people who want that information. They don’t care about the information per se.
Grey Hat Wolves in sheep’s clothing They test systems, but without permission. When they find a weakness, they try to sell their findings to their victims for a price.
Script Kiddies Trainees They use packaged software to disrupt systems and establish a reputation in the hacking community.
Hactivists Protesters They are employed by governments to gain information and/or attack foreign entities.
State Sponsored Warriors They hack to harass, expose, and exact revenge on entities to which they are opposed.
Corporate Spies Corporate Spies Corporate spies have existed for years. The internet and digital technology are just new tools.
Cyber Terrorists Terrorists They want to “spread fear and create chaos … by causing unrest.”

Did we mention that some hackers are women? Watch this video. It will give you even more insight in what in the world hackers are thinking.

Guarding your technology takes an awareness of potential dangers and a few, common-sense steps to ensure the safety of your data and devices, not the least of which is having regularly-scheduled system and software audits by digital security professionals.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

digital hygiene

Did You Know that Digital Hygiene Can Reduce Cyber Breaches?

digital hygieneDigital hygiene? What’s that?

Digital hygiene is a lot like dental hygiene. A dental hygiene regimen helps to protect our teeth and gums from bacteria, infection, and decay. A digital hygiene regimen is necessary to protect our technology and information against infection from viruses, malware, hacking, phishing and other cyber attacks.

Cyber attacks are just about as stealthy as dental attacks. Most often we don’t realize that we have developed a cavity until it is already too late. The same is true with cyber infections. The best hygiene in either the dental or the digital world is preventive. A 2015 report by Verizon revealed that most cyber attacks are not carried out by a full frontal hacking of a device, but rather by manipulating the humans that operate them.

Digital hygiene requires continual, proactive care.

Just as routine dental hygiene involves care at home and checkups by a professional, so, too, does digital hygiene. Here are 10 important steps we recommend to keep your technology safe.

  1. Be extra careful when asked for personal information in response to emails, phone calls (cell phones are technology too), or web pages. It’s not that sharing is, itself a bad thing. Just be super cautious about what you share and with whom you share it.
  2. Do not respond to online or on-phone demands to run a particular software on your computer.
  3. Do not be afraid of specific online threats of “account closure, disciplinary action, or arrest.” Legitimate businesses do not usually threaten people.
  4. Ensure that all of your software is up to date. You can set your devices to update automatically. (If you are not sure if you should or how you can exercise this option, give us a call at 843-282-2222. We will be happy to help.)
  5. Avoid visiting “suspicious” websites or installing “suspicious” programs.
  6. Think carefully about identifying your location on your mobile devices.
  7. Create strong passwords on all devices – including your cell phone.
  8. Think twice before clicking on attachments or links.
  9. Strengthen your security with two-step verification for access. Click on this link to learn how to use Google account two-step verification. (Did you think twice before clicking on the link?)
  10. Have a regular digital hygiene checkup.

Guarding your technology is best done with regular digital hygiene. It just takes an awareness of potential dangers and taking a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

cyber safety

You Are Most Exposed to Cyber Threats When You Think You Are Not a Target

cyber safetyBack in the last decade of the 20th century, an entrepreneur in Orlando proudly, publicly stated that his business was too small to be a target. Granted, he wasn’t talking about cyber threats, but he was talking about other threats to the security of his business.

He was wrong. Within a matter of months after he boldly blurted out what he believed to be true, his company was the target of litigious attack from a German-based company with over 300,000 employees and annual revenue in excess of $80 billion.

Lesson learned: The size of your business does not exempt it from attack.

This applies, in particular, today when it comes to small businesses and cyber threats. As a recent article in CIO magazine put it, “Believing that their security program is good enough means there’s a good chance they’ll be breached.” The article was addressing small business owners.

Think You Are Immune from Cyber Threats?

Think again. The CIO article described the lack of small business ownership with cyber security issues was akin to them being in a time warp compared to Fortune 100 enterprises. In fact, small business owners should consider these documented facts.

  • “95 percent of IT professionals at small businesses believe their cyber security posture is above average. However, 100 percent of the same respondents also said they could improve their ”
  • Small businesses are the victims of a whopping 4,000 cyber attacks per day.
    • That’s more than 120,000 per month.
    • That’s nearly 1.5 million attacks per year.
  • 75 percent of all U.S. companies have experienced some form of cybersecurity breach in the 12 months from April 2016 to March 2017.
  • SMBs are the target of 62 percent of all cyber-attacks.
  • “60 percent of small businesses are unable to sustain their businesses” for more than six months following an attack.

If you think that last statistic is because those businesses aren’t as well operated as yours, this statistic should put it in a more worrisome perspective. The average cost of a single data breach is $225 per record lost or stolen. For small businesses, the average price of recovery from a cyber-attack is $690,000. (Fast Math: ≈ 3,000 records x $225/record)

Our objective is not to scare you. It is to warn you. When it comes to being the target of a cyber threat, size doesn’t seem to matter.

Guarding your technology does not have to involve elaborate evasive tactics. It just takes an awareness of potential dangers and taking a few, common-sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

free wifi zone

Internet Security on the Go . . . Going, Gone

free wifi zoneCarrying a laptop, notebook, or other mobile device wherever one goes is so commonplace now that even kids in the backseat have Wi-Fi access to the internet over the river and through the woods to Grandmother’s house. Before you point a finger at the kids, just remember, you started it – and you are carrying your device wherever you go, too.

Because you do, because you need to guard your technology, and because we care, here are a few tips for ensuring your internet security when you are on the go, before your personal information is going, going, gone.

Avoid Public Charging Stations

But, they are so-o-o convenient! Exactly – and therein lies the rub. They are so convenient that they are an attractive, ubiquitous, and convenient tool for hackers. As soon as you plug into the USB port your device and all the data on it is conveniently accessible. For hackers, the practice of Juice Jacking is like taking candy from a baby. Carrying your own portable charger if you expect to need to juice up on the go.

Create and Use a Virtual Private Network

The operative word here is “private.” Your VPN virtually guards your technology while using publicly shared networks. Think of your network as a wire insulated to keep it protected from all of the other wires in the same conduit.

Disable Shared Settings

Don’t leave home without doing this: turn off all sharing enabled on each device accompanying you on the trip. You probably locked the doors to your house when you departed, unless you like to keep them open just in case anyone wants to use it while you are gone. Lock the doors; turn off sharing.

Ethernet as a Business Essential

Your business data and technology is too valuable to expose it to public Wi-Fi access. Avoid Wi-Fi by having a business ethernet, ethernet-enabled mobile devices, and traveling with an ethernet port.

Beware of Bluetooth

You don’t need to worry about Blackbeard pirating your information via Bluetooth, but there are plenty of others who are ready and willing to grab the bounty on your business devices when you least expect it. It’s Bluetooth. It must be secure. Not.

Guarding your technology does not have to involve elaborate evasive tactics. It just takes an awareness of potential dangers and taking a few, common sense steps to ensure the safety of your data and devices.

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

BYOD bring your own device

Why BYOD Makes a Case for Whitelisting

BYOD bring your own deviceTwenty years ago, no one would have imagined employees bringing their computers to work. In fact, twenty years ago, having a company-owned PC on an employee’s desk was considered a status symbol in some companies.

Today, the average person’s cell phone has more technology inside that NASA used to land our astronauts on the moon. What is more, 98% of mobile device users keep their devices within reach 100% of the time – from the bathroom to the boardroom. That’s a lot of technology in the hands of people who are not rocket scientists.

BYOD Makes a Strong Case for Whitelisting

While, on the one hand, employees and companies alike embrace the concept of Bring Your Own Device, it is not without its inherent dangers.

When people bring their own device, any amount a company saves in CapEx for computer hardware, as a result, may potentially be lost by a failure to manage those devices in the workplace.

Advice from INFOSEC

As far back as 2012, the INFOSEC Institute warned businesses about the rising tide of changes that a BYOD culture would generate related to guarding the businesses’ technology. Among their recommendations was:

  • Know who can access your company network and data remotely.
  • Know how your employees’ devices are configured.
  • Clearly communicate your BYOD policies.
  • Audit BYOD activities on a regular basis.
  • Ensure that employee devices are compliant with your IT security policies and government regulations.
  • Control the apps.

Control the Apps

Managing the apps is where whitelisting comes into play. Several of our recent blog posts have addressed the wisdom of whitelisting, including the most recent, “From Whitelisting to Dynamic Whitelisting,” so we do not need to cover that ground again. However, we want to raise your awareness of the efficacy of implementing whitelisting if your business allows a BYOD practice.

We recommend whitelisting to protect both your system, if accessible by employee devices, and to protect their devices as well. You know what they say, “One bad app can spoil the whole bunch.”

Tech Sentries is as concerned about your computer system security as you are. Your computer system security is our business. That’s why Tech Sentries is always on duty. Contact us today to learn how we can help you “GUARD YOUR TECHNOLOGY” (843-282-2222).

Scam Alert Myrtle Beach

Protecting Yourself From Email Scams During The Holidays

Fraud Alert Myrtle Beach

 

During the holidays, it’s extra important to be aware of email scams as you’re sending and receiving your holiday gifts and packages. One of the more common scams during this season are the fake delivery notices that you have a package waiting. Consumers are once again reporting this scam at an alarming rate so we wanted to help you be aware of what it is and what it looks like

What Does This Email Scam Look Like?

The scam works like this: An email is sent by the scammers with the subject line reading something like “Delivery Failure From USPS.” There will be a link to click on to find out why your package wasn’t able to be delivered. As soon as you click on that link, you’ve opened up your computer for the virus. Some of the lingo used might look something like this:

USPS.com

You have a package that your postman was unable to deliver.

Please print the label provided to you through this link and take it to your nearest post office to retrieve your package.

NEVER CLICK ON THE LINK!

Clicking on links associated with these email scams can open up a host of issues. The biggest risk is downloading a virus to your hard drive. This allows your sensitive information to become exposed and easily stolen. Scammers would have access to your passwords, credit card info and other financial data.

Often, malicious ransomware and malware infect your computer without you ever even knowing it. Once you attempt to sign into various accounts online, the email scammers will use a mirroring program to record your actions and they will use that to steal every bit of personal information they can get their hands on.

It isn’t just the post office dealing with these scams—UPS and FedEx also have fallen prey to hackers and scammers. The scary part is the scammers will use official looking logos and websites to make themselves look legit. You will receive notices that look completely official from the shipping companies, making it hard to know when you are dealing with an email scam.

Protecting Yourself

Stay aware! If you get emails that you don’t think you should be getting from either the post office or a major shipping company, do not click links within that email! Even though you may be waiting on a package, it’s better to deal with the company directly, rather than risking a virus by clicking on a link.

Be on the lookout for any phone calls claiming to be employees of any of these agencies. If you are called and asked for sensitive information, never provide that info until you know for sure who you are dealing with!

Look for obvious errors in grammar and spelling on any emails or other communication. It’s usually a dead give-away that you’re dealing with an email scammer.

Never answer texts you aren’t sure about. This, too, can open you up for email scams.

You can never be too careful when it comes to your personal information this holiday season! It’s ok to be suspicious of any text, email or phone call that you aren’t sure about. If you are expecting a package, always deal directly with the shipping company!

For more information on how to protect yourself from email scammers during the holidays, call us today at Tech Sentries! Our number is 843-282-2222.

Remember “Think Before You Click!”

Which Generation Is More Likely To Fall Victim To Online Scammers?

Scammers Myrtle BeachDid you know that elderly people aren’t necessarily the most likely to be scammed online? Well, the Better Business Bureau issued a report stating that its Millennials and Generation X’ers who are the most likely to be a victim of scammers. The reason? The elderly population are far more likely to actually report the incident of a scam before financial loss occurs. In fact, over 90% of them will report it sooner than the younger generation. Even though Millennials and Generation X’ers are far more tech savvy, they are far slower to report being scammed, making them much more likely to lose money as a result.

Oddly enough, many of these younger people never reported the scam activity because they never actually believed they were really a victim. Even though they may feel they are immune to malware attacks and other scammers, none of us are immune to it. Staying aware and being informed is your best defense, no matter how old you are! Knowledge is power when it comes to protecting yourself against online scams. If you fail to report being scammed in a timely manner, your chances of suffering a financial loss will increase dramatically! The elderly population seem to know this.

One other important factor worth noting is that the individual’s online activity can play into becoming a victim of scams. This is because of online shopping and other retail websites visited by younger people. Individuals under the age of 45 tend to shop online much more than the older generation, thereby making them more susceptible to online scammers and malware.

The bottom line for a take-away lesson here is to always be aware of the fact that you are as much at risk for being scammed as anyone else. If you are solicited to spend money, sign up for various websites and their services, or even asked to click on a link you receive in your email, STOP and THINK before you click anything! Make sure that you are spending only in secure websites with secure methods of payments. If you have any questions about what you are seeing, call the BBB and ask them to verify the site or company before you spend any money or click any links that could cost you dearly!

While it is possible to recover a financial loss, it’s very difficult if it is not reported immediately! To get the absolute best protection, call Tech Sentries today! We can apply the best application whitelisting technology which will block unsafe or unwanted programs from ever opening. Let us show you how easy it is to be protected so you can keep your mind on the things that matter most to you!

Just Give Me Your Personal Information and Everything Will Be Fine

A woman visiting a Myrtle Beach resort recently report a scam in which her credit card was charged close to $2,000 – in California!

The scam is neither new nor localized. In 2015 a Memphis hotel guest fell for the same scam and soon discovered $1,000 in unauthorized charges on his card.

Information, Please

Personal Information Myrtle Beach

The scam is simple. The scammer calls the hotel room and identifies themselves as “so and so and the front desk.” He or she goes on to explain that the hotel’s credit card system has crashed or that there was a minor problem with their credit card when they registered. All they need is to read your credit card information to them again over the phone.

The problem is that the call did not originate at the front desk. In fact, it could originate from nearly anywhere, as long as the caller sounds sincere.

Don’t Think You’d Fall for That? Think Again.

What if you were doing research on the internet and a window pops up on a website indicating that the information you want is a “secure file” or “protected document?” It’s not a problem. All you need to do is provide the requested personal information and you will be given access to the file.

Same scam. Different playground. Fooled you! Whether it is done on the phone or on the internet, the scammers are phishing, and you have taken the bait, hook, line, and sinker.

Be Smarter Than the Scammers

A simple rule: Never give out your personal information. The tighter you hold onto it, the less likely it is to be stolen.

A simple question: Was your information really stolen? Or, did you voluntarily give it away.

A simple strategy: THINK before you give out your personal information. It’s nice to be nice and cooperative, but it’s stupid to be stupid and cooperative.

A simple precaution: If you receive an email that asks you to view a secure or protected document by clicking a link, delete the email. Do not open. Do not pass Go. Do not lose $200.00 (or more).

For more information, please call Tech Sentries at 843-282-2222.

Just When You Thought It Was Safe…

safe-modeJust when you thought it was safe in the water … Well, you know the rest of the story.

Just because something looks safe, that does not mean that mean that it is. In fact, it now appears that just because something says that it is safe, no longer means that it actually is.

Unfortunately, that now applies to your computer’s Windows’ OS Safe Mode.

No Safe Is Safe

We should all be aware by now that there is no such thing as a safe safe. The infamous Willie Sutton claimed that there would never be a safe that he could not crack. The theory is simple: If you can figure out how to build a safer safe, someone else can figure out how to break into it.

That is precisely what has happened to Windows’ Safe Mode. That even includes computers with Windows 10’s Virtual Safe Mode, according to a report released on September 15, 2016, by CyberArk Labs.

It’s Kind of Like Judo

The attacks on Safe Mode are similar to the fundamental concepts behind Judo and other martial arts. Leverage the other person’s strengths against them. In this case, the strength is Safe Mode and hackers can now use it against you and your business.

The strength of Safe Mode is that it allows users to boot their PCs and servers using only those tools that are essential to the operating system. Put another way, the computer or server booted in Safe Mode restricts the operation of third-party software. That can – and often does – include security software.

Safe This Way

This new innovation of hack enters through the door where you least expect it – the one that is marked “Safe This Way.” While that may sound innocuous enough, to a safecracker more like an invitation. Hackers see it the same way. We think it identifies a safe route or place. Safecrackers and hackers see it as the route to the place where the safe is.

From the hackers’ perspective, “Once in Safe Mode, logins can be stolen and otherwise with defeated pass-the-hash lateral techniques can be used to compromise other networked machines. A fake login screen can be shown using a COM object technique to emulate a normal boot and cloak Safe Mode. Users who then type in their credentials assuming a normal reboot will hand their logins to attackers.

Once attackers break through the perimeter and gain local administrator privileges on an infected Windows-based machine, they can remotely activate Safe Mode to bypass and manipulate endpoint security measures.

In Safe Mode, the attackers are able to freely run tools to harvest credentials and laterally move to connected systems – all while remaining undetected.”

What Should We Do Now?

Unfortunately, not much. However, we advise the following precautionary measures per CyberArk’s and PC Pit Stop’s advice: Network administrators should

  • cycle privileged account credentials to disrupt pass-the-hash attacks
  • enforce the least privilege by stripping local administrator rights
  • deploy security tools capable of running in Safe Mode.\
  • ensure your operating system and applications are updated
  • run a security scan at least once a week
  • think before you click

Finally, read our newsletters and releases to stay abreast of threats and ways to prevent them. And don’t be afraid of the dark.

For any further information, please contact Tech Sentries at 843-282-2222.

1 2 3 4