Monday, December 10, 2018

Infrastructure Organizations Beware


According to the 2018 Verizon Data Breach Investigations Report, 29.2% of reported breaches happen in industries considered infrastructure. These industries include utilities, transportation, healthcare and others that use operational technology systems.

What can organizations that are considered infrastructure do to mitigate these risks? First, let’s take a look at what the risks are, and then how to secure your organization from them.

The first risk is the environment where the organization exists. If there is no inventory of the systems, a lack of security and a lack of understanding of what data is being used, the organization is at a major risk. In order to best combat this risk, one should start by gaining an understanding of overall security posture. If an organization is operating in multiple environments, pick a representative environment and apply what was learned to the other environments.

The second risk is patch management. This is self-explanatory, and its solution is as well. Patch your systems! Running outdated OT systems greatly increases the chance of a breach. Network Segmentation is the third risk, with many OT systems having connections between systems that should not be connected. In order to combat this, develop a plan for network segmentation, that way if one network is breached it is contained rather than spreading.

The fourth risk is the supply chain. It is very hard to control how organizations handle their data, which is why it is important to include security requirements when bringing on new systems, as well as continuing maintenance efforts within their vendor management programs. The fifth risk is a lack of a united front within the organization regarding security. To avoid this, one should foster cooperation and respect between the groups who address cyber threats. Training, communication and cooperation are key here.

With the world becoming increasingly digital, state actors are waging war behind the scenes more and more. A good example of this is Russia crippling Ukrainian infrastructure by launching a cyber-attack on power plants. All organizations are at risk for a cyber-attack, but those that are considered infrastructure should consider that the person trying to hack you isn’t necessarily some kid in his mom’s basement or even a pro hacker. It could be an intelligence agency with hundreds of well-trained specialists trying to see how your systems tick and how to break them.
https://www.darkreading.com/vulnerabilities---threats/vulnerabilities-in-our-infrastructure-5-ways-to-mitigate-the-risk/a/d-id/1333211

Friday, December 7, 2018

United States – HSBC Bank USA


Exploit: Multiple compromised online accounts.HSBC: One of the largest banking and financial services organizations in the world, HSBC is based in London and has offices in 80 countries.Risk to Small Business: 1.888 = Severe Risk: The data compromised in this breach can be very harmful to an individual if in the wrong hands, and customers know this. Customers will second-guess their choice of a bank if their information is compromised and those thinking about setting up an account could very well look elsewhere.Individual Risk: 2.428 = Severe Risk: Those who are affected by this breach are at a higher risk of fraud and should take advantage of the identity monitoring program that HSBC offered to victims.Customers Impacted: Undisclosed at this time.How it Could Affect Your Customers’ BusinessOne of the most important things a financial institution has is the trust of its business partners and customers. No one wants to hand over their money to someone they don’t trust. Any organization loses face when experiencing a breach but when a financial institution fails to secure account numbers, transaction history, and balances, customers will NOT forget it.ID Agent to the Rescue: Spotlight ID™ by ID Agent offers comprehensive identity monitoring that also includes credit monitoring. Learn more: https://www.idagent.com/identity-monitoring-programs
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Thursday, December 6, 2018

Canada – Ontario Cannabis Store/Canada Post

Exploit: Supply chain breach. Gained access to the Canada Post’s delivery tracking tool.
Ontario Cannabis Store: A recreational cannabis store in Ontario.Canada Post: A crown corporation that functions as the primary postal operator in Canada.Risk to Small Business: 2.222 = Severe: Mail is highly personal. Nobody likes the idea of someone scooping a package off his or her porch (around here they are called porch pirates). The same idea applies to postal data. Even though the Canada Post was the organization compromised, the customers of the Ontario Cannabis Store suffer. Those customers are likely to take their business elsewhere especially given the newly legal status of the product.Individual Risk: 2.714 = Moderate: Those affected by this breach are more likely to fall victim to identity theft and become targets of phishing emails. While this breach is moderate, this is a special case given those exposed are customers of a recently legalized drug. Those exposed could possibly face social/ business repercussions after their use of cannabis becomes public.Customers Impacted: 4,500 customers / 2% of the firm’s customers.How it Could Affect Your Customers’ BusinessThe legalization of cannabis in Ontario has not been a smooth transition, and with this breach of Canada Post that reveals the names of the Ontario Cannabis Store’s customers the situation only gets stickier.ID Agent to the Rescue: SpotLight ID™ by ID Agent offers comprehensive identity monitoring that can help minimize the fallout from a breach of this type.Learn more: https://www.idagent.com/identity-monitoring-programsRisk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

[Heads-Up] Bad Guys Love Marriott: 500 Million Data Breach Is Phishing Heaven

[Heads-Up] Bad Guys Love Marriott: 500 Million Data Breach Is Phishing Heaven 

So, I guess we have just reached the tipping point, it's "privacy game over" for business travelers.

For about 327 million of the 500, the breached data includes names, mailing addresses, phone numbers, email addresses, passport numbers (!), Starwood Preferred Guest ("SPG") account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences.

The company said in a statement that it discovered "unauthorized access" to the database, which extended back until 2014. In some cases, payment card numbers and expiration dates were also taken, but Marriott said it's unclear whether the hackers have information to decrypt the payment card numbers.

Marriott said it has set up a website for consumers impacted by the hack, at info.starwoodhotels.com, and a call center. "Call volume may be high, and we appreciate your patience," the company said. Starwood is sending an email to all addresses affected.

Here is where the bad guys come in.

You can expect a raft of phishing attacks that try to exploit this data breach, either by using just scare tactics, or by using actual data from the breach itself to make it look as real as possible.

If you are a KnowBe4 customer, we strongly recommend you inoculate your users and send a simulated phishing attack to your users that uses this Marriott data breach as the theme.

Two new phishing templates and a landing page have been added to our Current Events phishing templates category. Use them to prepare your users before the bad guys use social engineering tactics and trick them. Each template leads to a fake Marriott login page to mimic a credentials phishing attack.

Grab these template and landing pages and send it to either all users, or if you have a Smart Group containing your frequent travelers, that would be the first priority.

If you are not a KnowBe4 customer yet, we suggest you step your users through this free module that is available until the end of December 2018! “Safe Travels For Road Warriors" is a 12-minute animated course with lots of interactivity for those that travel for business—and some very helpful tips for personal travel too.

You will find this module as step 5 of a blog post with some practical advice for business travelers here:
https://blog.knowbe4.com/the-massive-marriott-data-breach-some-practical-advice-for-business-travelers

Monday, November 26, 2018

Infrastructure Organizations Beware


According to the 2018 Verizon Data Breach Investigations Report, 29.2% of reported breaches happen in industries considered infrastructure. These industries include utilities, transportation, healthcare and others that use operational technology systems.

What can organizations that are considered infrastructure do to mitigate these risks? First, let’s take a look at what the risks are, and then how to secure your organization from them.

The first risk is the environment where the organization exists. If there is no inventory of the systems, a lack of security and a lack of understanding of what data is being used, the organization is at a major risk. In order to best combat this risk, one should start by gaining an understanding of overall security posture. If an organization is operating in multiple environments, pick a representative environment and apply what was learned to the other environments.

The second risk is patch management. This is self-explanatory, and its solution is as well. Patch your systems! Running outdated OT systems greatly increases the chance of a breach. Network Segmentation is the third risk, with many OT systems having connections between systems that should not be connected. In order to combat this, develop a plan for network segmentation, that way if one network is breached it is contained rather than spreading.

The fourth risk is the supply chain. It is very hard to control how organizations handle their data, which is why it is important to include security requirements when bringing on new systems, as well as continuing maintenance efforts within their vendor management programs. The fifth risk is a lack of a united front within the organization regarding security. To avoid this, one should foster cooperation and respect between the groups who address cyber threats. Training, communication and cooperation are key here.

With the world becoming increasingly digital, state actors are waging war behind the scenes more and more. A good example of this is Russia crippling Ukrainian infrastructure by launching a cyber-attack on power plants. All organizations are at risk for a cyber-attack, but those that are considered infrastructure should consider that the person trying to hack you isn’t necessarily some kid in his mom’s basement or even a pro hacker. It could be an intelligence agency with hundreds of well-trained specialists trying to see how your systems tick and how to break them.
https://www.darkreading.com/vulnerabilities---threats/vulnerabilities-in-our-infrastructure-5-ways-to-mitigate-the-risk/a/d-id/1333211

For more information checkout our website at www.bitxbit.com or call 877.860.5863

Friday, November 16, 2018

Hackers are Bundling Up This Fall.

Well, it’s nearing the end of the year. You know what that means: it’s time for the ‘best of 2018’ collections to start coming out. One category is Best Movies of 2018… personally, I think The Incredibles 2 is at the top of that list. Another category is Best of Ransomware. Yes, there is a ‘best of the year’ collection for cybercriminals. To the surprise of no one, the ransomware collection is being sold on the Dark Web, but there are many surprising elements to the bundle.
First off, the fact that the year’s most dangerous ransomware variants are being sold as a package deal at a reduced price should show the... professionalism… of the Dark Web marketplaces, as strange as it is to use that word to describe cybercriminals. This crime-as-a-service model is nothing new, but this bundle is undoubtedly a step above the norm. There are 23 ransomware variants included in the bundle, including SamSam. Yes, the notorious SamSam ransomware is included in the bundle. If you don’t know what SamSam is, it is a variant of ransomware that is infamous because of the high-profile targets it has been used against and because until now, it was under lock and key deployed only by a highly specialized group.
This bundle is not for inexperienced hackers, however, which would be worse than the current situation. An unskilled hacker would find difficulty putting most of the bundle to use. The bundle will be removed from the marketplace after sold 25 times, according to the seller, although it is unclear why this is the case. Don’t let one of the hackers who buy this bundle use it against your business! See last week’s The Week in Breach for tips on avoiding ransomware.


Need help? Give us a call at 877.860.5831

Thursday, November 15, 2018

Webinar | Is Your Business Protected Against the Dark Web? Find Out Now!



http://pages.icpro.co/archive/bWVzc2FnZV8zNDA5NDMzXzI4OF8xMTIwXzIwNzAz


Did you know that your digital credentials can be sold for $1 in the secretive corners of the Dark Web? It's a small price for a cyber crime that steals your identity, breaches your data, and could cost your company millions. 
User names, passwords, business applications, and online services -- they're all vulnerable to lurking cyber criminals. They're easily compromised and you might not even know it until it's too late.
Worried yet? You should be.
Find out if your critical assets are exposed before the damage is done with Dark Web Monitoring, a cutting-edge threat intelligence and identity monitoring solution.
In this webinar, you will learn:
  • What makes up the Dark Web & why it's so lethal
  • How everyone in your organization is at risk of exposure
  • The ways Dark Web Monitoring provides real-time awareness of compromised credentials before identity theft or data breaches occur
  • How Dark Web Monitoring will safeguard your business & protect your assets, employees & customers from threats
Sign up to attend this webinar & receive a free, one-time scan of your ID credentials to see if you're exposed!

Register here:

Infrastructure Organizations Beware