Over 1.4 billion passwords found on the Dark Web. That’s almost 5 times the population of the United States.
1.4 billion records detailing passwords and usernames: basically, credentials to all sorts of social media and personal email accounts. These are passwords that even novice hackers can exploit to get on your network.
Why should you worry about all of these—presumably old—passwords on the Dark Web?
Phishing seems to work, whether you’re a large, familiar brand name or a small business, and whether you invest in your security every month or not (though those that get phished and have security in place are able to easily recover from phishing attacks). The fact of the matter is that employees do get phished if they’re unsuspecting.
No matter how hard you protect your network with the latest technology, there’s always going to be someone who brings in a device or who works from home and gets duped into handing over credentials (by allowing criminals to key log every single action on their computers).
I’ve been warning of phishing attacks for a while now—for some more details see one of my latest videos on phishing attacks.
I’ve worked with all sorts of organizations in healthcare and beyond and have come to one conclusion, whether in rural hospitals or clinics with HIPAA compliance pressures, the many companies that depend on credit card processing (PCI compliance), or even local credit unions that have faced stricter NCUA security regulations in recent years.
All of these organizations are the same in many respects. The common denominator in their security vulnerabilities is often non-compliant and unaware 3rd party providers.
I have reviewed so many networks in the past 10 years—an uncountable number—and can confidently reaffirm that 3rd party vendors are often the reason I end up sending my team in to clean up networks after ransomware attacks, help address issues with failed security compliance audits, and even help leadership teams understand and evaluate the risks they take on when simply handing the keys to their kingdoms over to vendors that they haven’t adequately vetted.
Ransomware in 2018 has become something of a special beast. Unlike at other times, the inventions this year have produced infections targeting victims rather than randomly hunting for vulnerable targets. Targets have been craftily selected—these cybercriminals have devised a complete marketing strategy focused on speaking to a very specific group of people. And their messages are so focused and specific to their targets (through effectively integrating socially engineered campaigns) that many of these targets fall hook, line and sinker.
Ransomware attacks like some of the latest SamSam attacks have devastated entire city governments and shuttered hospital systems, EHR platforms and other businesses large and small. They are testaments to the effectiveness of the modern ransomware attack. They also underscore how widely under-preparedness plagues businesses large and small.
The Egyptian pyramids and Great Wall of China were built to last forever. Microsoft products, not so much. With increasingly short life cycles, most IT departments need to vigilantly evaluate their technology, including software and hardware, to determine the most cost-effective time to replace their systems, which include workstations, servers, phone systems, and software.
Over time, old technology becomes so slow and so vulnerable to cyberattacks that software developers like Microsoft prefer to eliminate the old stuff to focus their attention on more highly used systems.
Windows Server 2008 has less than two years of extended support left, at which time Microsoft is completely dumping support. What can you expect if you choose to hold on and are using this old server after January 1, 2020?
Thought ransomware was history? Think again!
Medical testing giant LabCorp remains in a state of disarray after a ransomware attack struck its offices over a week ago. The company is not saying how hackers got in, but one thing is certain—the impact is huge!
I’m sure many of you have already heard the devastating news of LabCorp, but if you haven’t, the company reported “suspicious” traffic going over their network last Sunday. After evaluating what was going on, LabCorp’s IT department verified that patient records were impacted.
Several cybersecurity experts were able to verify the presence of the SamSam virus on the network. SamSam is notorious for crawling networks quickly and infecting everything in its path (along with encrypting all files it comes across). With LabCorp, this SamSam attack is particularly bad. Experts estimate that over 1900 servers were impacted, amounting to likely millions of records.