Thursday, March 26, 2020

Coronavirus Phishing Scams Capitalizing on Fear & Urgency

As concern over the Coronavirus (COVID-19) spreads around the globe, hackers are exploiting the  atmosphere of panic and fear created by the pandemic to steal peoples’ personal information. According to a recent report, more than 4,000 Coronavirus-related domains have been registered since the beginning of the year. Experts consider 3% to be outright malicious, and 5% are categorized as suspicious – more than double the usual number. Hackers are likely to target organizations with phishing attacks in an attempt to steer employees toward these malicious sites where they can steal critical data. 

The World Health Organization has already issued a warning about Coronavirus-related phishing attacks that purport to be from to their organization, and CISA has released several warnings about the emerging threat of COVID-19 related phishing scams. Taken together, it’s a reminder that while phishing scam awareness training is an effective defense against cybercrime, security education isn’t a static endeavor. It must always adapt to address today’s shifting threats in order to keep your organization a step ahead of tomorrow’s bad actors. 

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

Coronavirus Scams - Great advise from the Arlington PD


It has been brought to our attention that scammers have already begun trying to take advantage of people regarding the coronaviris (COVID-19) pandemic. Here is some information to remember and how to avoid coronavirus scams: •Do not click on links on your phone or computer from sources you do not know. They could download viruses onto your computer or device. •Watch for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or experts saying they have information about the virus. For the most up-to-date information about the Coronavirus, visit the Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO). •Ignore online offers for vaccinations. There currently are no vaccines, pills, potions, lotions, lozenges or other prescription or over-the-counter products available to treat or cure Coronavirus disease 2019 (COVID-19) — online or in stores. •Do your homework when it comes to donations, whether through charities or crowdfunding sites. Do not let anyone rush you into making a donation. If someone wants donations in cash, by gift card, or by wiring money, do not do it! Stay vigilant everyone!

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Ever wonder what I am doing when I am not helping my clients with technology?

Taking pictures for River Legacy when when they are reading a 105 pound alligator snapping turtle. This male was not the largest caught the area.




Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

BBB Newsletter: Bit by Bit's Commitment to You During COVID-19


Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Wednesday, March 25, 2020

Upcoming Webinars

Join us for these informative webinars:

MARCH 26 – Global Channel Influencers Webinar 
REGISTER >> 
MARCH 31 – World Backup Day: Threats, Opportunities, and Strategies for MSP Success
REGISTER >>

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Tuesday, March 24, 2020

Cyber Events

Where in the World is ID Agent

Mar 10 Kaseya Connect IT Local – Vianen, Netherlands
Mar 11  ID Agent Roadshow – Houston, TX
Mar 11  Kaseya Connect IT Local – Dusseldorf, Germany
Mar 11  Kaseya Connect IT Local – Columbia, SC
Mar 11-13  CharTec Quarterly – Bakersfield, CA 
Mar 19  ChannelSec – London, UK 
Mar 25-26  ASCII City Tour – Houston, TX 
Mar 31 Kaseya Connect IT Local – Philadelphia, PA

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

Free Coronavirus Cybersecurity Support Resources!


The Coronavirus (COVID-19) pandemic continues to disrupt the normal flow of business. We know that this is causing challenges for our Partners and clients, and we’re committed to doing everything that we can to support you. We’ve put together some resources that address cybersecurity threats during this difficult time, and we’ll keep providing you with news and tips about protecting data and systems during this crisis to read and share in our blog.   
We’re on top of staying responsive to this rapidly evolving threat environment and monitoring the Dark Web. If we can be of service don’t hesitate to contact us – we’re still working to stay one step ahead of the bad guys.  

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Bit by Bit's Commitment to You During COVID-19

https://info.bitxbit.com/blog/our-response-to-you-during-covid-19


Bit by Bit's Commitment to You During COVID-19

I’d like to take a moment to touch base with you during these uncertain times and hope that you are safe and well. The rapidly progressing COVID-19 pandemic has upended our lives and unleashed an unprecedented paradigm shift in business, affecting us all. We want to reassure you that while we embark into new territory, we remain a reliable, steady, and committed resource.
In keeping with the recommendations of the CDC, most of our staff is working from home during this crisis. But, we’re still here for you. Our account reps, technicians, and help desk are on high alert, ready to provide you with the exemplary levels of service that you have come to expect from Bit by Bit.  
Your safety and our safety drive our actions right now. And, we have developed temporary protocols for services whether it’s fax, managed services or other.

For Our Fax Clients:
We offer you a silver lining in all this chaos. The disruption will be minimal. As most of our fax support is remote, we will continue to service your fax needs with our customary high standards.

For Our Managed Services, Application Development & Other Clients:
We have implemented specific guidelines for servicing your IT. We will only deploy our technicians to a site if you are facing a mission-critical crisis. However, we will be ever vigilant and continue to remotely work closely with you to manage your day-to-day IT operations and concerns.

For Our Clients Utilizing Remote Access:
As our clients have begun to advise staff to work from home, we have begun transitioning many of you over to remote access. We will continue to do so. Please keep the following in mind and contact us before making any changes to employee guidance:  

1.  Employees may require remote access to workstations.  We partner with LogMeIn to securely provide this capability to our customers. This is the recommended solution wherever possible.

2.  Some organizations continue to rely on VPN access (FortiClient or other SSL VPN.) This should be tested and evaluated for security risk prior to expanded use.  Adding VPN users also causes a performance impact which must be considered if an unprecedented number of users are connecting. 

We don’t know how long this will last. But we do know that we are on this journey with you. We will continue to monitor the situation and keep you updated. If you have any questions, or if you have emergencies that require immediate attention, please call our direct support line 212.616.3080.

Thank you for your business.
Bruce Sig Trans



Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Monday, March 23, 2020

60% of UK Consumers Impacted By a Data Breach in 2019


As expected, 2019 was a devastating year for data breach victims. As more year-end studies are completed and released, we’re learning more about who was effected the most. According to a recent report, nearly 60% of UK consumers were impacted by a data breach last year, a staggering total that underscores the personal implications of the more than 7,000 data breaches that affected UK companies in 2019.
The report noted the potential consequences of such an extensive breach environment, including cybercriminals using the sensitive personal and financial information that they collected from users as a gateway to deploy other cyberattack tactics like spear phishing that can compromise sensitive information, data, and systems even more severely. 
Although the number of breaches hasn’t increased significantly, the amount of compromised records has escalated. The number of records that have been compromised has tripled since 2018, surpassing 15 billion this year. This 300% year-over-year increase should encourage companies to seek solutions that can monitor the Dark Web for their data to preempt further hacking attempts. At the same time, training employees to identify and neutralize increasingly sophisticated spear phishing campaigns is an absolute prerequisite for a capable defensive posture in 2020. https://securityboulevard.com/2020/02/almost-60-of-uk-consumers-affected-by-data-breaches-in-2019/

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831

20 Ways to Block Mobile attacks



Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Social Engineering Red flags



Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Webinars on Cyber Security

Upcoming Webinars

Join us for these excellent webinars in the next few weeks:

MARCH 26 – Global Channel Influencers Webinar 
REGISTER >> 
MARCH 31 – World Backup Day: Threats, Opportunities, and Strategies for MSP Success
REGISTER >>

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5863

Friday, March 20, 2020

Breached!

United States – Visser Precision

Exploit: Ransomware. 
Visser Precision: Parts manufacturer for space and defense contractors. 
1.51 – 2.49 = Severe Risk
Risk to Small Business: 2.111 = Severe:
Visser Precision was infected with data exfiltrating ransomware that stole  proprietary information before encrypting IT systems. Based on documents published online, it appears that hackers obtained company data, including a list of clients, nondisclosure agreements, and some development plans. This incident reflects a growing trend in ransomware attacks – cybercriminals are increasingly stealing company data before encrypting critical IT systems, and organizations don’t detect it until it’s too late. 
Individual Risk: No personal information was compromised in this breach. 
Customers Impacted: Unknown. 
How it Could Affect Your Customers’ Business: Ransomware attacks not only negatively impact productivity and manufacturing, they also negatively impact growth. Companies like Visser Precision have many high-profile and mission-critical clients. Cybersecurity incidents can put those organizations at risk, making them less likely to do business with companies that have data security issues. 
ID Agent to the Rescue: Helping your SMB customers understand the importance of security is no easy task. With Goal AssistTM, we offer hands-on assistance with your direct sales interactions, setting you up for the win by providing the resources necessary to make a case for Dark Web monitoring. Learn more here: https://www.idagent.com/goal-assist.

United States – Riverview Health 

Exploit: Accidental data sharing. 
Riverview Health: Healthcare provider. 
1.51 – 2.49 = Severe Risk
Risk to Small Business: 2.333 = Severe:
On January 14, 2020, an employee inadvertently sent notification letters that intermixed patients’ names and addresses. The messages were delivered to the appropriate addresses, but they included the incorrect patient name. In today’s digital landscape, even small clerical errors can have significant consequences as both customers and regulators look to punish companies that fail to secure personal information. 
Individual Risk: 2.714 = Moderate:
Patients’ names and addresses were compromised in the breach. Riverview Health maintains that the risk of data misuse is very low, but victims should still be aware that this information can be used for nefarious purposes and take precautions to ensure that their information is secure. 
Customers Impacted: 2,610
How it Could Affect Your Customers’ Business: The biggest threat to your data isn’t cybercriminals, its human error. With customer blowback and regulatory penalties increasing, every organization needs to take steps to mitigate the risk posed by staff mistakes. Implementing protocols and increasing training about the pitfalls presented by phishing attacks and data sharing errors can significantly reduce your organization’s exposure to a data breach. 
ID Agent to the Rescue: With BullPhish IDTM, MSPs can provide a more complete picture of a company’s security posture and potential risk, transforming the weakest links of an organization into their strongest points of protection. Find out how you can get started with us here: https://www.idagent.com/bullphish-id

United States – J Crew

Exploit: Unauthorized database access. 
J Crew: Clothing retailer. 
Risk to Small Business: 2.111 = Severe:
J Crew identified a data breach that took place in April 2019. In response, the company has disabled all impacted accounts, and advised all customers to reset their account credentials. The incident follows cybersecurity lapses at other prominent retailers at a time in which many consumers are shunning companies that don’t secure their information. The lengthy identification and reporting time will likely open the organization up to additional regulatory scrutiny that could further erode its brand reputation and bottom line. 
1.51 – 2.49 = Severe Risk
Individual Risk: 2.428 = Severe:
Hackers accessed customers’ account login credentials, email addresses, and passwords. Partial payment card data and order information was also compromised. The company has closed the impacted accounts, but all J Crew customers should take steps to protect their personal information. 
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: With threats coming from multiple directions, every organization must enact strong cybersecurity defenses to ensure that they are ready to address potential threats and keep their clients’ data safe – and avoid the brand-eroding fallout that comes from a cybersecurity disaster. In doing so, they can minimize the consequences of a breach, keep customer data off the Dark Web, and promote a rapid recovery. 
ID Agent to the Rescue: We go into the Dark Web to keep you out of it. Dark Web IDTM is the leading Dark Web monitoring platform in the channel. Our award-winning platform combines human and sophisticated Dark Web intelligence with search capabilities to identify, analyze, and proactively monitor for an organization’s compromised or stolen employee and customer data. Schedule a demo today: https://www.idagent.com/dark-web/#contact

Canada – Charlottetown, P.E.I.

Exploit: Ransomeware. 
Charlottetown, P.E.I: Provincial government. 
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.666 = Severe:
One week after this provincial government experienced a ransomware attack, internal government documents began appearing online. Specifically, financial reports, bank statements, and payment details related to its Agriculture Stability Program. Unfortunately, hackers noted that the released information represents just a portion of a 200 GB cache stolen from the government. This tactic is increasingly common with a ransomware attack and multiplies the damage done by the incident. 
1.51 – 2.49 = Severe Risk
Individual Risk: 2.285 = Severe:
Hackers released program documents that included sensitive data like names, SIN numbers, contact information, and business details. This information can be used to execute spear phishing scams, sold on the Dark Web or tapped to perpetuate other malicious activities. Those impacted should carefully scrutinize digital communications and monitor accounts for unusual or suspicious activity. 
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business:  Ransomware attacks were already one of the most costly and devastating cyberattacks. Hackers are upping the stakes by stealing data before encrypting critical digital infrastructure. Now the cost and impact of lost data is part of the equation when considering the recovery expenses, productivity decline, and reputational damage that already accompanies a ransomware attack.  
ID Agent to the Rescue: All of that stolen data can end up on the Dark Web, leading to even more serious consequences. Dark Web ID monitors the Dark Web to find out if your employee or customer data has been compromised. We work with MSSPs to strengthen their security suite by offering industry-leading detection. Discover more at https://www.idagent.com/dark-web/

Canada – Simon Fraser University 

Exploit: Ransonware.
Simon Fraser University: Public academic institution. 
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.555 = Severe:
A ransomware attack provided hackers access to personal data that they then exfiltrated from the university’s network before encrypting certain IT elements. The breach effects some faculty, staff, students, alumni, and retirees who had a relationship with Simon Fraser University before June 20, 2019. Although the breach was limited in scope, the school recommends that users reset their account passwords. The incident was discovered on February 27, 2020 and contained within 24 hours, but the university will still face regulatory scrutiny and possible public backlash due to the sensitive nature of the event. 
1.51 – 2.49 = Severe Risk
Individual Risk: 2.142 = Severe:
Before encrypting the school’s network, hackers accessed student and employee names, numbers, birth dates, email addresses, mail list memberships, course enrollments, and encrypted passwords. This information can be used to craft convincing phishing scams that, if acted upon, can compromise even more personal data. Those impacted should carefully evaluate incoming messages requesting confirmation of personal data and take steps to ensure that their information isn’t being misused. 
 Customers Impacted: Unknown.
How it Could Affect Your Customers’ Business: Already a major menace, hackers have upped their game when executing ransomware attacks, making incidents even more costly, invasive, and destructive. Every company needs to review its defensive posture to ensure that it is taking the basic steps necessary to mitigate the risk of ransomware. Since this malware always requires a foothold, every company can actively take steps to prevent it from being the next victim. 
ID Agent to the Rescue: It’s critical that your SMB customers understand the importance of dynamic cybersecurity in response to today’s evolving threats. Goal Assist is an expansion of our White Glove Support that includes hands-on assistance with your direct sales interactions. Let us help you get the most from your Partnership selling Dark Web ID. ID Agent’s Partner Success Team will set you up for the win! Learn more here: https://www.idagent.com/goal-assist.

United Kingdom – Loqbox 

Exploit: Data compromise.
Loqbox: Credit score builder. 
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.777 = Severe:
A cyberattack on February 20, 2020 compromised customers’ personal data and payment information but didn’t impact customer funds. The company admitted that the breach occurred because of a known vulnerability, raising questions about the priority of data security at the fintech startup. Now Loqbox is poised to experience significant customer blowback and regulatory scrutiny as it falls under the purview of Europe’s GDPR. 
1.51 – 2.49 = Severe Risk
Individual Risk: 2 = Severe:
The breach included personal information that could be used to target customers with highly convincing spear phishing emails. In addition to customer names, hackers acquired their dates of birth, addresses and phone numbers, plus financial data like partial credit card numbers, expiration dates, and bank account numbers. Those impacted by the breach should immediately notify their financial institutions and strongly consider enrolling in credit and identity monitoring services. 
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Over the past several years, data breaches have compromised billions of login credentials, giving hackers front-door access to your data and systems. Every company should add improved security to its login process by enabling simple, efficacious measures like two-factor authentication to keep accounts secure. 
ID Agent to the Rescue: With AuthAnvilTM, integrated multi-factor authentication, single sign-on, and identity management solutions protect your users’ login credentials and your data. Find out more at https://www.idagent.com/authanvil-multi-factor-authentication.  

United Kingdom – Cathay Pacific

Exploit: Unauthorized database access. 
Cathay Pacific: International airline. 
1.51 – 2.49 = Severe Risk
Risk to Small Business: 2 = Severe:
Cathay Pacific was recently hammered with a fine totaling £500,000 as a result of its failure to identify and address a data breach that lasted for more than four years. While the ruling offers a 20% discount if Cathay Pacific pays the penalty by March 12, the penalty is still a significant financial hit to the international airline. The company was cited for multiple “security inadequacies” including failing to encrypt databases containing customers’ personal data, a slow response to a known security vulnerability, and lengthy communication delays that further jeopardized customer information.  
1.51 – 2.49 = Severe Risk
Risk to Small Business: 2.428 = Severe:
The data breach included a treasure trove of Cathay Pacific customers’ personal data, including names, nationalities, birthdates, phone numbers, email addresses, mailing addresses, passport information, and other company-specific information. Those impacted by the breach should be sure to reset their airline account credentials and any other accounts using similar information. In addition, they should be aware that this kind of data is often used to develop sophisticated, personalized spear phishing attacks that further compromise personal information. 
Customers Impacted: 9,400,000
How it Could Affect Your Customers’ Business: Regulatory penalties are on the rise as regulators and legislators seek to punish companies that incur a data breach without having adequate data security protocols or incident response plans in place. In this case GDPR’s governing body issued the fine, but governments around the world are imposing substantial fines on companies that fail to protect their customer data – and those fines are climbing every day. 
ID Agent to the Rescue: With Compliance ManagerTM, any company can automate data privacy standards and documentation responsibilities, making compliance a simple, intuitive process for everyone. Click the link to get started today: https://www.idagent.com/compliance-manager

Australia – Alinta Energy 

Exploit: Unauthorized data sharing. 
Alinta Energy: Private energy and gas company. 
1.51 – 2.49 = Severe Risk
Risk to Small Business: 1.777 = Severe:
Alinta Energy is under intense scrutiny after a whistleblower exposed the company’s improper storage of customers’ personal information in overseas storage. This possible violation of Australia’s privacy laws could have a significant impact on its bottom line. At the same time, the brand erosion and degradation of customer trust engendered by this situation could magnify the consequences for Alinta Energy. 
1.51 – 2.49 = Severe Risk
Individual Risk: 2.428 = Severe:
According to the whistleblower, customer information including addresses, credit card information, and phone numbers are being stored overseas. Customers should be aware of this compliance oversight, taking special care to review their accounts and to advocate for their personal information to be adequately protected and managed. 
Customers Impacted: 1,100,000 
How it Could Affect Your Customers’ Business: Today’s global data privacy landscape is expansive and convoluted, making it challenging for any company to adhere to the many new laws hitting the books. But this challenging landscape isn’t an excuse for companies to fail at compliance. Instead, they need to attain the resources and support necessary to ensure that they have the infrastructure in place to adhere to the flurry of emerging data privacy regulations. 
ID Agent to the Rescue: Compliance Manager automates data privacy standards, eliminating guesswork and ensuring efficiency at every stage. Learn more at https://www.idagent.com/compliance-manager

Risk Levels:
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.

Bit by bit helps client networks run smooth and secure.. visit our website at www.bitxbit.com/texas 877.860.5831