Monday, February 3, 2020

ID Agent Speaks with The Cyber Wire Podcast


This week, The Cyber Wire Podcast replayed my conversation in which I discussed the role of monitoring initiatives in helping victims recover from the 2015 data breach at the US Office of Personnel Management, which compromised 4.2 million government employees. 

The data breach is one of the most significant data breaches in history, and it serves as a harbinger for our current data landscape. Hackers effectively obtained a dossier on millions of Americans and monitoring the Dark Web for this information was an enormous, sprawling effort that provided security and peace-of-mind to those impacted by the breach.

Listen to the Cyber Wire Podcast to learn more about the team responsible for restoring and protecting the identities of more than four million government employees in the Office of Personnel Management. Today, this type of data disaster is much more common, and the risk of both companies and consumers has never been higher. At ID Agent, we provide the tools to help protect your customer and company data from falling into the wrong hands.

https://www.linkedin.com/posts/id-agent_the-cyberwire-special-edition-kevin-lancaster-activity-6620354728314363904-Tbmf

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

Wednesday, January 22, 2020

Breached Companies

United States - Alomere Health https://www.scmagazine.com/home/security-news/data-breach/breach-of-email-accounts-impacts-50000-patients-of-minnesota-hospital/

Exploit: Phishing attackAlomere Health: General medical and surgical hospital
extreme gauge

Risk to Small Business: 1.777 = Severe: Two employees fell for a phishing scam that gave hackers access to patients’ protected health information. The first breach occurred between October 31, 2019 and November 1, 2019, while a second breach took place on November 6, 2019. In response, the company is updating its email security protocols, an effort that won’t restore the stolen data nor repair the company’s already-damaged reputation. In addition, Alomere Health could face regulatory penalties because of the nature and scope of the data breach.
twib-severe

Individual Risk: 2.285 = Severe: The compromised employee email accounts stored patient data, including names, addresses, dates of birth, medical record numbers, health insurance information, along with sensitive diagnosis and treatment details. In addition, some patients had their Social Security numbers and driver’s license numbers exposed. Alomere Health is offering free credit and identity monitoring services to those impacted by the breach, and anyone affected should enroll in these services. In addition, they should be especially critical of online communications, as the stolen data can be deployed in phishing scams that can collect additional personal data.
Customers Impacted: 49,351
How it Could Affect Your Customers’ Business: Phishing scams are the leading cause of data breaches, but they are also entirely avoidable. With the cost associated with a compromise continually escalating, training employees to identify and avoid phishing scams is a relatively low-cost initiative that can transform employees into a robust defense rather than an imminent vulnerability.

ID Agent to the Rescue: BullPhish ID™ simulates phishing attacks and conducts security awareness training campaigns to educate your employees, making them the best defense against cybercrime. Click the link to get started: https://www.idagent.com/bullphish-id.

United States - Contra Costa Library Systemhttps://www.govtech.com/security/Bay-Area-Library-System-Suffers-Ransomware-Attack.html

Exploit: Ransomware
Contra Costa Library System: Library network
twib-severe

Risk to Small Business: 2.333 = Severe: A ransomware attack disabled the entire library network, impacting all 26 branches. While buildings remain open, patrons have to bring their library cards to a location to manually check out books. The incident will bring significant recovery costs to the library network, which just updated its systems in 2018. For an organization with limited resources, this attack can reduce their ability to meet customer needs and invest in future opportunities.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Ransomware attacks come with high recovery and opportunity costs. Especially for SMBs that operate with more limited budgets, these increasingly common attacks can dampen their financial outlook and prevent them from embracing opportunities in the future. However, ransomware always requires a foothold, and every organization can take steps to ensure that they are not inviting these attacks to damage their business.

ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal Assist™, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.

United States - Wyze 
https://www.slashgear.com/report-alleges-massive-wyze-data-breach-but-many-questions-remain-26604513/

Exploit: Unprotected database
Wyze: Low-budget home security company
extreme gauge

Risk to Small Business: 2.222 = Severe: A cybersecurity company identified an exposed database containing the personal details of millions of Wyze users. The breach, which has not been confirmed by Wyze, is an unforced error that could have serious and financial and reputational implications. Smart home technology is often targeted by hackers due to its sensitive nature, and many consumers are already unwilling to work with companies that cannot protect their personal data, especially when it impacts their peace of mind and security.
twib-severe

Individual Risk: 2.428 = Severe: Users’ personal data, including email addresses, list of cameras, camera names, Wi-Fi SSID, API tokens, and Alexa tokens, were all publicly available from the exposed database. Those impacted by the breach should reset their account passwords, enable two-factor authentication, and closely monitor their accounts for unusual activity.
Customers Impacted: 2,400,000
How it Could Affect Your Customers’ Business: Today’s consumers are beginning to make buying decisions based on a brand’s data security reputation. Especially in a sensitive sector like smart home technology, a strong cybersecurity posture is a prerequisite for long-term success. Unforced errors, such as leaving a database exposed, become especially egregious. Of course, mistakes do happen, and businesses need a response plan to contain the event and to identify the scope of the problem as quickly as possible.

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at: https://www.idagent.com/dark-web.

United States - The Heritage Companyhttps://www.infosecurity-magazine.com/news/us-biz-closes-doors-after/

Exploit: RansomwareThe Heritage Company:  Telemarketing and fundraising firm
twib-extreme

Risk to Small Business: 1.333 = Extreme: An October ransomware attack ultimately forced The Heritage Company to close its doors. Shortly before Christmas, the company informed the staff that their operation was no longer tenable, even noting that the CEO was paying salaries out-of-pocket in an attempt to keep business going while systems were unavailable. Unfortunately, three months after the attack, The Heritage Company was no longer financially solvent and chose to temporarily shutter its operations. The company may try to reopen if systems can be restored, but it appears likely that the institution, which existed for 60 years, was put out of business by a ransomware attack.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This incident is an especially prescient warning for SMBs who often have less cash on hand that rely on critical IT systems to manage their operations. As security experts noted, the company’s ultimate failure wasn’t financial solvency but an inability to adopt cybersecurity standards that could have prevented a ransomware attack from crippling their operations. Even simple steps, like implementing two-factor authentication, can keep hackers out of your IT infrastructure, which prevents a potentially-devastating data disaster before it takes place.


ID Agent to the Rescue: With AuthAnvil, you can protect your employees’ password integrity. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at: https://www.idagent.com/authanvil-multi-factor-authentication.

United States - Children’s Choice Pediatrics 
https://finance.yahoo.com/news/childrens-choice-pediatrics-notifies-patients-232600915.html

Exploit: Ransomware
Children’s Choice Pediatrics: Pediatric healthcare provider
twib-severe

Risk to Small Business: 1.555 = Severe: A ransomware attack encrypted patient data and exposed patient records to hackers. The attack, which was discovered on October 27, 2019, encrypted the healthcare provider’s entire network. When records were restored, the provider discovered that some were irretrievably deleted. In response, Children’s Choice Pediatrics is upgrading its cybersecurity protocols to ensure that they don’t give a foothold to future ransomware attacks. However, the opportunity cost, reputational damage, and recovery expenses will continue to weigh down the practice now and for the foreseeable future.
twib-severe

Individual Risk: 2.285 = Severe: While hackers often encrypt company data to extract a ransom, many are turning to data theft as a means to exact additional money from a ransomware attack. In this case, some patients’ personally identifiable information may have been exposed to hackers. Those impacted by the breach should stay vigilant in monitoring their online accounts and scrutinizing digital communications as this data is often redeployed in phishing attacks that compromise additional data.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Reactive cybersecurity measures can’t undo the damage of a data breach. With the holistic cost associated with exposure at an all-time high, companies have millions of reasons to embrace a robust defensive posture against cybercrime. Often, this means starting by securing accounts using best practices, like two-factor authentication, to keep intruders out.


ID Agent to the Rescue: With AuthAnvil, you can protect valuable IT but securing employee accounts. We offer integrated multi-factor authentication, single sign-on, and identity management solutions to protect your credentials and your data. Find out more at: https://www.idagent.com/bullphish-id.

Canada - eHealth https://ca.news.yahoo.com/ehealth-hit-ransomware-attack-personal-175304050.html

Exploit: Ransomware
eHealth: Private, online insurance marketplace
twib-severe

Risk to Small Business: 2.333 = Severe: A ransomware attack on eHealth has encrypted network files containing the confidential medical data for some Saskatchewan residents. The company was quick to note that no patient data was stolen in the attack. They also acknowledged that business is grinding to a halt as employees are unable to use many of the company’s systems. However, eHealth is not negotiating with the hackers, instead choosing to restore operations on their own, a brave decision that will still come with a considerable cost.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ BusinessCompanies are encouraged not to pay a ransom, but every recovery initiative still bears costly implications. Notably, ransomware attacks carry less-quantifiable reputation costs that can have consequences long after system access is restored. Simply put, when it comes to responding to ransomware, the only good option is to take steps to prevent an attack from occurring in the first place.


ID Agent to the RescueWith BullPhish ID, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id.

United Kingdom - Perricone MDhttps://www.bleepingcomputer.com/news/security/card-stealing-scripts-infect-perricones-european-skin-care-sites/ 

Exploit: Malware attack
Perricone MD: Skincare cosmetics brand

extreme gauge

Risk to Small Business: 2 = Severe: The online payment platform for Perricone MD has been infected with payment skimming malware, impacting customers in the United Kingdom, Italy, and Germany. However, hackers were only able to exfiltrate data from one country. Incredibly, the malware was planted on the website more than a year ago, giving hackers plenty of time to refine their efforts to steal sensitive data. For a company that relies on online sales to fuel its bottom line, such an egregious cybersecurity event can be devastating, and Perricone MD will have to work to restore their customers’ trust.
twib-severe

Individual Risk: 2.285 = Severe: Perricone MD customers that made an online purchase in the past year should review their account records and financial details for unusual or suspicious activity. In addition, they should report the incident to their financial institutions to ensure that their accounts aren’t used for additional crimes. Finally, credit and identify monitoring services can continue to monitor customers’ credentials even after the immediate urgency wares off.
Customers Impacted: Unknown
How it Could Affect Your Customers’ BusinessOnline stores are quickly surpassing brick-and-mortar stores as the preferred shopping location for many consumers. Companies that want to compete in this field have to prioritize data security at every level. Customers are demonstrating an unwillingness to spend money on websites that can’t or won’t protect their information, which makes data security initiatives a critical, bottom-line priority for every online retailer.

ID Agent to the Rescue: Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at: https://www.idagent.com/dark-web.

United Kingdom - London Stock Exchange https://www.zdnet.com/article/uk-government-investigates-possible-cyberattack-link-to-london-stock-exchange-outage/

Exploit: Cyber-attack
London Stock Exchange: Stock exchange for the city of London

twib-severe

Risk to Small Business: 1.777 = Severe: Authorities are reexamining an August outage at the London Stock Exchange that was initially attributed to a software glitch. The disruption prevented traders from buying or selling shares for more than 90 minutes, and impacted prices on two stock indexes. The incident could have been caused by hackers trying to destabilize markets for their own gain or even set the stage for a more nefarious scheme in the future. The lengthy time to identification reflects the difficulty that many companies have when identifying and addressing cyber threats.
Individual Risk: At this time, no personal information was compromised in the breach.
Customers Impacted: Unknown
How it Could Affect Your Customers’ BusinessHaving the ability to identify and quickly respond to a data breach is a critical element of any business. Because threats lurk all around us, even the most well-defended companies can incur data loss events. When it comes to data breach recovery, time is money, and a finely-tuned response plans can lessen the repercussions of a breach by allowing companies to recover more quickly.

ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of cybersecurity. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help to ensure you are getting the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.

Risk Levels:1 - 1.5 = Extreme Risk1.51 - 2.49 = Severe Risk2.5 - 3 = Moderate Risk*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

Friday, January 17, 2020

Thursday, January 16, 2020

Dark Web Trends

ransomware disrupts the holidays, a nonprofit organization has its donor list compromised, and “password” remains a stubbornly popular password. 
Dark Web ID Trends:
Top Source Hits: ID Theft Forums 
Top Compromise Type: 
Domain 
Top Industry: 
Education & Research
Top Employee Count: 
250 - 500 Employees 

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

Wednesday, January 15, 2020

Too Many Employees Don’t Change Their Passwords


Data breaches are a constant threat for any company, and a new survey by YouGov research found that many employees aren’t taking even the most basic steps to secure their accounts. According to the survey, which was specific to Ireland but likely represents a globally commonplace approach to password security, 39% of employees haven’t updated their passwords in more than a year. In part, the study found that convenience is a significant factor when determining standards, as many respondents expressed annoyances with security features like Captcha random image or one-time passcodes sent via text or email. 

However, with the number of compromised email accounts growing every day, strong password standards coupled with additional security features like two-factor authentication can significantly decrease the risk of a data breach. It’s an obvious and proactive step that everyone can take to protect their personal and professional data from falling into the wrong hands. 

https://www.independent.ie/business/technology/almost-two-in-five-irish-people-dont-change-online-passwords-and-are-vulnerable-to-being-hacked-poll-38752329.html

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas

Bit by Bit Partners with Arctic Wolf Networks to Tackle Cyberattacks with Managed Threat Detection & Response Service


   

PRESS RELEASE

Bit by Bit Partners with Arctic Wolf Networks to Tackle Cyberattacks with Managed Threat Detection & Response Service

   
New York, NY, January 13, 2020 Bit by Bit has teamed with Arctic Wolf Networks, a leading security operations center (SOC)-as-a-service company to provide threat detection and response as well as vulnerability assessment capabilities to protect against today’s advanced cyberattacks. Arctic Wolf’s SOC-as-a-service provides an enterprise-class SOC, the most essential element of any modern cybersecurity strategy.

The service includes experienced security engineers that manage all security matters using a full spectrum of advanced cyber defense mechanisms for asset identification, vulnerability assessment, network monitoring, and threat detection and response.

"With organizations facing ever-increasing threats to their IT ecosystems, it is essential to have a cybersecurity plan in place,” says Bruce Steinfeld, Bit by Bit Founder and CEO.  “As an IT solutions provider, we take a holistic approach to meeting all our client’s IT needs. By partnering with Arctic Wolf, we are able to enhance our offerings and provide protection against a wider array of threats throughout the entire cybersecurity life cycle.”  

“Arctic Wolf is excited for the opportunity to support Bit by Bit efforts to expand their product portfolio by offering a critical service that many of their customers are specifically requesting,” said Nick Schneider, Chief Revenue Officer at Arctic Wolf. “Cyberattacks threaten companies of every size, and organizations are increasingly seeing the value and protection of a SOC-as-a-service, especially when they don’t have the in-house cyber talent to lead and monitor on-going security needs.”

The Arctic Wolf SOC-as-a-service is anchored by Concierge Security™ teams who provide custom threat hunting, alerting, and reporting. It's purpose-built, cloud-based service offers 24x7 monitoring, vulnerability assessment, compliance reporting, and threat detection and response with fewer false positives.


Don't get left out in the cold in the cybersecurity threat landscape, contact us at info@bitxbit.com to learn more about how our new partnership can protect your organization!
   


Arctic Wolf Networks delivers industry-leading security operations center (SOC)-as-a-service that redefines the economics of cybersecurity. Its Managed Detection and Response and Managed Risk services are anchored by the Arctic Wolf Concierge Security Team who provide custom threat hunting, alerting, and reporting. The Arctic Wolf purpose-built, cloud-based SOC-as-a-service offers 24x7 monitoring, risk management, threat detection, and response.  
   

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831