Don’t Be An Accomplice To Cyber Criminals

Vulnerabilities, Phishing, Internet Privacy only relate to big business, right?

Well, we would have to say that you’re totally wrong. Cyber security is a problem for everyone, from the end user at home to the large organization. It is definitely something we all need to be concerned with. Don’t believe me? Well, maybe you will after I show you how vulnerable most home computers, mobile phones, tablets, and any other device that connects to the Internet really are.

Yes, we all do the basics when it comes to cyber security. We usually run an antivirus program on our devices, but most of us have overlooked the internet router, a prime target for cyber criminals. Yes, the router is a way in. Unfortunately, you and your Internet provider probably don’t even think about it. Most people simply set up their router once and then forget about it. You never, ever think of the router, unless you begin to have internet problems.

VPNFilter

The latest malware, known as VPNFilter, is targeting the lowly router – and it has already infected over half a million of them.

What is the purpose? Having access to all of these routers gives the hacker a huge botnet of connected devices he can control. A simple command could result in a flash memory deletion causing the router to become completely useless and prevent you from getting on the internet again – until you buy a new router that is.

But let’s say he doesn’t want to block you from the internet. Instead, he wants to spy on your activity, get access to your passwords, credit card numbers, etc. That is what he’s really after. And once the router is infected with this virus, it can be used for almost anything.

Making The Small Internet User An Accomplice

Of course, the biggest danger is making the small user an accomplice in a much larger cyber attack: a cyber attacker can use these large groups of connected devices to flood large corporate websites, bringing them offline. In fact, there was a case where the Mirai botnet managed to bring down entire internet services in several states of the US for most of the day. Router-based attacks can be so damaging that the FBI has started investigating – managing to shut down a server that the cyber criminals behind the VPNFilter malware use to send commands to infected devices.

What Can We Do About This Cyber Attack?

Unfortunately, there is no real way to tell if your router has been infected. So far Linksys, MikroTik, TP-Link and Netgear routers have been hit by malware. But whether your brand of router is one of these or not, it is a good idea for you to take a few cyber security precautions.

Here’s what you can do:

Restart and Update Firmware

Restart the router. Although this will only temporarily disconnect from an infected network, it will give you enough time to update your firmware. You can find out how to update your firmware by going to the manufacturer’s website and going to the downloads section. By updating the firmware you apply the latest manufacturer fixes which secure it from the VPNFilter malware.

You will need your router’s serial number to get the proper firmware. Check on the underside or back side of your router for the make and serial number. Then you log into the administrator panel through your web browser and install the update. Look for the web address to the administrator panel in the instructions packaged with the router.

Normally, you should update router firmware every few months or so since routers do not perform an auto-update.

Change the Default Password

Most routers come with a default password or no password at all. The manufacturer does this on purpose because it helps consumers set up the router easily. Unfortunately, hackers also know the default passwords. Look up the instructions to find out how to change the password via the website offered by the manufacturer.

Turn Off Remote Access

Many routers allow you to access the administrative panel remotely via the internet. This is nice when you first set up the router, but you want to turn it off afterwards so cyber criminals cannot access the panel and change the settings, especially if you are using the default password that comes with the router.

Do a Factory Reset

If you notice that the router is acting a little wonky and you have tried all of the above tips, do a factory reset to reconfigure everything from scratch. It is a hassle and it may not get rid of persistent malware, but it will restore your device to its original setup, allowing you to make necessary changes.

Bottom Line

If you think cyber security does not affect you simply because you only use the internet at home, you would be wrong. Cyber security is something all Americans need to be on the lookout for. Just as you are alert to criminal activity in your neighborhood, you also need to watch out for cyber criminals who may be using your lowly router to build a powerful interconnected network and create havoc on the web.

If you would like more information, contact LP3. We will be glad to help you make an informed decision on cyber security for your business or organization.

Scott Lawler is CEO of LP3 and provides enterprise cyber security architecture advice to government and commercial clients.

 

Chief Information Security Officers (CISO) – The First Line of Defense for Strong Cyber Resilience

The C-suite has a new and immensely important addition. Now, sitting right next to the CEOs, COOs and CFOs is another C-level executive. The mission of the Chief Information Security Officer, or CISO, is to deal with cyber security conditions. The position is becoming vital in the corporate world because we face an age of Ransomware, Malware and other vulnerabilities that proliferate on the net.

What Is The Situation?

Criminals and other cyber thieves don’t need blow torches and nitro to pull off a heist anymore. They need and have an arsenal of cyber burglary tools to do it for them.

How Do They Get in So Easily?

People are the weakest link in your chain of cyber threat defense. As such, CISOs know they need to keep their eyes and attention on employees who may inadvertently or intentionally open the door to allow access by unauthorized users.

The big questions that must be asked are: do your employees have the skills to recognize and combat cyber threats and cybersecurity issues? Are you making sure they have the training and the knowledge to stand up to the ever inventive cyber criminals? And are you – as a company – seeking out and securing the services of people with the skills and talents needed to be a line of defense?

A recent research study by ESG and ISSA revealed that 96% said that professionals in cyber-security need to keep their skills on high alert because cyber-foes spend all their time finding new and inventive ways to breach your security.

Unfortunately, even knowing that, organizations repeatedly fall behind when it comes to training. That can be because of perceived high costs, or too little time or other excuses. But as a reminder, the costs of putting things back together and salvaging your company’s reputation will be far greater.

Cyber professionals stated unequivocally that they want more resources to help in the fight. Undergraduate programs don’t teach much of that. For instance, a 2017 study reported that not one of the top 10 computer science programs in the U.S. requires it, and less than 25% of cyber threat and security professionals believe that their education gave them the skills needed in the real world, with real threats and real professionals working against them.

Because of that, CISOs may have to do the training themselves or create in-house programs that will do so. And that training needs to include non-tech employees, as they are often the way in, whether by downloading malicious files, opening dangerous links or becoming the victim of a Phishing trip.

So, What to Do?

Make education tools available to all your staff. Create simulations and teach your staff how to react. Use all opportunities to incentivize the use and learning of new skills.

These can and should include:

  • Fundamental security online or on-demand courses.
  • Programs administered by accredited resources.
  • Vendor training so your suppliers know a safe and secure way into your systems.
  • Cyber-security classes, events and simulations. Training labs virtual or actual.

A Word about Virtual Training Labs

They are cost-effective solutions for teaching both new and existing employees safeguards against cyber vulnerability, and they should have the support of all upper management. Cyber-security should dominate the first days of an employee’s training and keep being reinforced and updated as new challenges arise.

In the end, it’s more about people than it is about technology, so people are where your defense program must begin.


Credential Stuffing – The Latest and Greatest Way Cyber Crooks May Be Targeting You

You have to hand it to cyber-criminals. They keep finding new and innovative ways to do the same old thing: rob you.

And what they are after is the coin of the realm in today’s world: Data. It’s like a bucket of gold with a “Take Me” sign on it. And worst of all, you may not even know it’s happening.

Credential Stuffing. What Is It?

It’s a relatively new form of cyber attack where hackers assault a targeted website with stolen logins, and in doing so, they attempt to gain access to online accounts. This gives them access to your Cloud Data, your databases, financial info and more.

Worse, this new cyber infiltration even has the big boys’ heads spinning. A perfect example is Yahoo. They had two of the largest credential thefts in history. And you know that if a sophisticated company like Yahoo can be hacked, you can easily be hacked.

However, you can protect yourself, and in some cases, do it better than the big guys. So think carefully about what you can learn here. Credential Stuffing is something you cannot afford to overlook and you really must look out for it.

How It Works

It’s not all that complicated to understand. Hackers enter a huge number of emails, passwords and usernames and barrage a targeted website until one or some of them stick. On a massive level it can be akin to the old, try and try again, until you get in. Once they do gain access they are free to roam around an existing account until they find what they are looking for.
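How the barrage described above looks from the defending website's side, as an added example that is not part of the original article: a Python sketch that scans a login log for sources trying many different usernames with few successes. The log format, the thresholds and the sample lines are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample login log (not real data): timestamp, source IP, username, result.
SAMPLE_LOG = """\
2024-05-01T10:00:01 203.0.113.7 alice@example.com FAIL
2024-05-01T10:00:02 203.0.113.7 bob@example.com FAIL
2024-05-01T10:00:02 203.0.113.7 carol@example.com FAIL
2024-05-01T10:00:03 203.0.113.7 dave@example.com OK
2024-05-01T10:00:04 203.0.113.7 erin@example.com FAIL
2024-05-01T10:00:04 203.0.113.7 frank@example.com FAIL
2024-05-01T10:05:10 198.51.100.20 bob@example.com FAIL
2024-05-01T10:05:31 198.51.100.20 bob@example.com OK
2024-05-01T09:00:00 192.0.2.10 alice@example.com OK
2024-05-01T09:01:00 192.0.2.10 carol@example.com OK
2024-05-01T09:02:00 192.0.2.10 erin@example.com OK
2024-05-01T09:03:00 192.0.2.10 frank@example.com OK
2024-05-01T09:04:00 192.0.2.10 grace@example.com OK
"""

def parse(log_text):
    """Yield (ip, username, succeeded) for each well-formed log line."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        _, ip, user, result = parts
        yield ip, user.lower(), result == "OK"

def find_stuffing(log_text, min_users=5, max_success_ratio=0.2):
    """Flag sources that try many distinct usernames and mostly fail.
    Returns {ip: accounts that logged in from it}; treat those as compromised."""
    users, hits = defaultdict(set), defaultdict(set)
    attempts, successes = defaultdict(int), defaultdict(int)
    for ip, user, ok in parse(log_text):
        users[ip].add(user)
        attempts[ip] += 1
        if ok:
            successes[ip] += 1
            hits[ip].add(user)
    return {
        ip: sorted(hits[ip])
        for ip in users
        if len(users[ip]) >= min_users
        and successes[ip] / attempts[ip] <= max_success_ratio
    }

if __name__ == "__main__":
    for ip, accounts in find_stuffing(SAMPLE_LOG).items():
        print(f"{ip}: likely credential stuffing; reset passwords for {accounts}")
```

The shared office address (192.0.2.10) also shows five different usernames but is not flagged because its logins succeed, and the single user who mistyped a password once is ignored as well.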

Can This Infiltration Method Apply to You?

It could. Credential stuffing is now the number one method of cyber attack. A Verizon Data Breach Investigations Report of 2017 revealed a frightening statistic: 81% of surveyed organizations had hacker related cyber breaches where an unauthorized person was able to break in using stolen or weak and easily accessed passwords. This percentage is a huge increase from their 2016 report that showed only 18% had some type of data breach infiltration. Those percentages look bad but the numbers they represent are even worse. Three billion records were leaked on the dark web last year. In fact, when we have gotten a chance to talk to the Cyber security pros, they admit that credential stuffing has quickly outpaced other methods and has become their number one priority.

How Do They Do It?

There are about 4 common ways cyber thieves and hackers get their hands on your info.

  1. They steal your databases. That’s the easiest thing for them to do. Usernames and passwords are readily available on the dark web. If you are unfamiliar with the dark web it is the place where anything from illegal drugs to hit men can be found. Studies have shown a veritable supermarket of passwords and logins for sale there. They are placed there for sale in bulk after they are stolen from companies like Dropbox. Hackers or other nefarious agents can buy, sell and trade these emails that offer access to millions of accounts that they can use in their planned attack.
  2. Leaks. Leaks happen more often than you may think. For instance, they might occur when data is transferred either internally or externally to a data center. These leaks are normally accidental and unintentional but they are a prime source of names and password theft.
  3. Going Phishing. Spamming targets with emails that connect to phishing links is not as common, but it happens enough to make it worth your attention. When a phisherman lands you, he can get plain text usernames and logins, which are much easier to hack, and use them to get access to your data.
  4. Botnets Are Another Way of Infiltration. Botnets and browser injectors increase the ability of attackers to breach your data security. Simply put, they gather and amass login data each time a user enters their information into online fields. Once in, the botnets are implanted into the compromised browser and automatically capture shared information. These methods are easily and often overlooked because a compromised browser doesn’t know the botnet is even there.

What, If Anything Can These Infiltrations Do to You?

Even the big boys like Sony, Amazon and Ebay have been reeled in and breached by cyber criminals. They often get in by exploiting an employee’s personal communications, contacts and friends lists. This allows them to easily jump over any computer security firewall.

How Bad Could It Get?

Credential Stuffing will impact more than individuals because individual users often give hackers access to other data. Joe@businessname.com, once uncovered, will often open the company to numerous break-ins because if there is a Joe@, there will be a Betsy@. And even though you may have policies in place that forbid workers from using their devices to sign up for online services, as most parents know, saying no is usually not enough. People are people, and it isn’t always in their interest to keep corporate data safe, or they may not realize that infiltration is a real problem. If they get hacked, all your company data will be at risk and that – in addition to everything else – can become a PR nightmare.

What You Can Do

These are a few quick tips that can help you increase your cyber security. These tips were shared with us by the best cyber security professionals in the world, so be sure to implement them right away.

  • Redo your passwords and make them tough. Yes, most of us are lazy and don’t want to memorize some random series of letters, numbers and symbols, but that is the most important thing you can do. Make sure you never duplicate any of your passwords.
  • Enable Two-Factor Authentication – This is a quick, easy and smart move and a worthwhile second layer of security. It requires the logger to receive an additional security code sent to their device to gain access.
  • Use a Password Manager – Using a program like LastPass or PassPack allows you to create a unique and strong password for all online accounts inside a secured online password vault. This can relieve some pressure on employees who have to memorize their passwords or codes.

Last but Not Least

Find yourself a cyber-security expert to go through your platforms to uncover any compromised logins. And make your employees aware of credential stuffing and implement a plan to require employees to use unique passwords and two-factor authentication.
