Ransomware

Ransomware is software that takes your data hostage and paralyzes your system while waiting for a ransom, most often in cryptocurrency.
Often attackers threaten to disclose certain personal data publicly. Attackers seek to create a sense of urgency and panic by issuing an injunction and sometimes a ransom that increases over time.

Intrusion Into Your Information System (IS)

In this attack, the attackers manage to break into your IS to alter its operation or steal data to resell it. In the first case, we are faced with a desire for destabilization or sabotage. In the second, it is more akin to espionage or theft.
Most of the time, a human error is at the origin of this intrusion which occurs via an email containing an attachment, a visit to a corrupted site, or a connection from an unsecured public network.

Account Hacking

Account takeover is taking control of an account from its owner. From then on, the attackers can access all the functionalities and information this account is entitled to. It can be an email account or social networks but also access to an intranet or management tools.
Most often, the attackers only had to force a password that was too simple or send a phishing email asking you to enter your password. Sometimes, they may use spyware capable of recording letters typed on a keyboard.

Identity Theft

Historically, it was about taking a person’s identity to carry out fraudulent actions. Today, criminals prefer to impersonate companies to trick their customers, place large orders or take out loans.
To do this, they do not hesitate to recreate a complete digital identity with email addresses and mirror sites similar to their victims. Some falsify purchase orders and invoices and even go so far as to register with the commercial register.

Phishing

Phishing, or Phishing in English, is not an attack but rather a way to prepare for future attacks such as account hacking, intrusion, or even Ransomware.
This involves pretending in an email to be a reliable and trustworthy source to deceive the victims and thus obtain confidential information, such as access codes, or encourage them to act: click on a malicious site, open an attachment, install software, enter a form, etc.

Denial of Service Attack or DDOS Attack

A denial of service attack aims to make an online site or service unavailable by saturating bandwidth or mobilizing system resources. This artificial peak in stress considerably slows down the operation. It can go as far as causing a breakdown and, therefore, a system shutdown with the consequences that can be imagined in the case of a merchant site, for example.
It also happens that this type of attack serves as a diversion for intrusions or data theft.

Transfer Fraud

Wire transfer fraud is a variant of identity theft that often uses the technique of Phishing. It consists of contacting an accounting department employee and obtaining from him that he “voluntarily” makes a transfer.
To do this, the attackers can pretend to be a supplier awaiting payment whose bank details have changed. Some even go so far as to pretend to be employees who have changed banks and thus have their wages paid. It can sometimes take several months before the company realizes the deception.
A variant of this type of attack consists of contacting the accounting department, pretending to be the manager or one of his representatives, and asking to execute transfers to accounts abroad urgently. The scenarios have often been very carefully studied to make them believable and create a sense of urgency.

Disfigurement

Disfiguration is a deliberately very visible and sometimes publicized attack that aims to damage the image and credibility of a company by modifying the appearance and content of its website or its accounts on the networks. Most often, the motivations are political or ideological. However, it is not uncommon for this type of attack to be identified as former employees acting out of revenge or on behalf of competitors.

The post Types Of Cyber Attacks appeared first on TechReviewsCorner.

Protect Network Access

Most teleworkers use WiFi, so there is a need to protect network access effectively. Unfortunately, this type of connection is not the most secure today for protecting personal data. To avoid any intrusion into your computer, it is essential to set up a secure password., which you can regularly change. Ideally, this password should be 12 characters long and include numbers, letters, and special characters. Specialized software such as LastPass, Dashlane, or Keeper now makes it possible to find, manage and save secure passwords. To best ensure cybersecurity, avoid connecting to the Internet via a public WiFi network, which is particularly exposed to attacks.
If the company does not offer one, using a VPN (Virtual Private Network) also proves to be an attractive solution to protect the exchange of information. This virtual private network makes it possible to hide the IP address and encrypt the data during authentication, for example. Filtering by MAC address (Media Access Control) offers the advantage of only allowing network access to a limited number of devices.

Update Your Computer

Viruses and other malicious software take advantage of the vulnerabilities of our computers to enter their systems. This is why updating your equipment as regularly as necessary through the computer’s operating system (OS) or specialized software is essential. Windows and Mac OS, of course, regularly offer these updates free of charge. Depending on the OS system preferences, they may be downloaded manually or automatically. Companies must make employees aware of this practice as much as possible.
Also, remember to acquire an effective antivirus, which you will also remember to update frequently. Some are free; others are paid. If the level of protection offered by these 2 solutions does not vary drastically, paid antiviruses always offer additional features, such as WiFi security alerts, ransomware removal (extortion software), hard disk cleaning, or protection against phishing (phishing of personal data). Among paid antiviruses, Norton, Kaspersky, and Bitdefender is the reference.
Particular attention will be paid to the data security of Windows computers. Due to its popularity, this operating system is much more subject to computer attacks than Mac OS.

Adopt Good Practices Daily

The GDPR recommends a few rules to ensure the computer security of your professional tools, whether remote or face-to-face.
Remember to lock your computer when you are away to limit the risk of someone accessing your data.
Avoid working in public places without screensavers, especially when handling sensitive data. Visual piracy is a very real phenomenon. According to a study, 87% of respondents had already noticed furtive glances at their screen from strangers in a public work situation1.
Back up your data daily via a USB drive, external hard drive, or secure cloud service. If you were to be the victim of a cyber-attack, this data would thus remain perfectly protected.
Separate the private and professional spheres, avoiding using the computer for personal purposes (shopping, Facebook, Twitter, other social networks, sports sites, etc.). Today there are nearly 2 billion websites, and not all offer the same security guarantees. The presence of a padlock or the mention of “https” at the beginning of the URL generally guarantees a high level of security.
Beware of suspicious emails; do not click links without checking where they redirect. Email providers rightly ask for your permission to download attachments. In some cases, they may contain malware harmful to your computer3, especially in .rar and .zip archives or Microsoft Office documents.
If you have any doubts about the security of your connection, do not hesitate to inform your supervisor or contact your company’s IT manager.

The post Data Protection – Our Advice For Working From Home Safely appeared first on TechReviewsCorner.

Implement a data protection policy

To ensure data is secure at all times, it’s important to create a data protection policy that outlines how data should be handled by employees. This policy should include clear instructions on when data sharing is acceptable, as well as guidance on password use and device security protocols. Yet, no matter how well you define your procedures and policy, they will only work if you impart their importance to your employees. 

Use secure devices & networks

Businesses should always ensure they are using high-security devices like secure computers, firewalls and data encryption software. Additionally, they should connect to a secure Wi-Fi network while working remotely. Plus, they should consider using virtual private networks (VPNs), which can help protect data when transferring between different networks.

This should also include physical security networks, such as a digital mailbox. Thess allow for security in multiple ways. Services like iPostal1 prevent mail and package theft for your business, but also allow for privacy.  

Password system

Ensure that all data is kept secure by setting up a strong password system. All team members should have unique passwords, and these should be changed regularly or after any data breaches. Passwords should include upper and lower case characters, numbers, symbols and be at least 14-16 digits in length.

Monitor access privileges

Businesses should also ensure that data is only shared with those employees and customers who need it and that their access rights are monitored constantly to avoid data leakage. It’s important to review who has what access to data and ensure those permissions are up-to-date with their position within the company. While your business might not be big enough to warrant hiring a security expert, it’s important to stay up-to-date on the newest issues in the security industry.

Incorporating the use of unlimited residential proxies into a data protection policy can help employees understand how to protect sensitive information. Regularly educating employees on data protection practices and the importance of secure online behavior can create a culture of security within the organization.

Backup & recovery plan

Finally, businesses should set up a comprehensive data backup plan. This should include data stored on both physical and digital devices, as well as data stored offsite or in the cloud. Regularly testing data backups is also essential to ensure data can be recovered quickly and easily in the event of a data breach. While the hope is that everything will be secure, it’s still necessary to prepare for the worst.

In Conclusion

By following these five steps, businesses can protect their data and increase security both online and offline. Data protection is vital for any organization, so it’s important that business owners take the time to make sure their data is secure from any potential threats. If businesses choose to not spend the money to ensure security from the beginning, they will certainly be paying for it in the end. 

The post The Top Five Improvements for Business Security in 2023 appeared first on TechReviewsCorner.

Phishing at Microsoft Teams, Slack, and Co.

Cybercriminals are extremely sophisticated, using pictures of supervisors, deep fakes, or chats on platforms such as Slack and Teams. These attacks are not limited to emails but to various channels and social networks used in the business environment. Deep fakes can even be used to fake a person’s voice and use it in video conferences. Many users have little idea of ​​the phishing threats lurking today, let alone how best to respond. Training that addresses exactly this is an important pillar for corporate security.

Training Helps To Better Protect Networks And Fight Malware

Users should be able to recognize when emails or other messages are not legitimate, even if the sender is supposed to be a manager or other authority figure. However, it is not easy. But users should learn not to blindly open a file or click a link just because the sender appears familiar. Training forms an important foundation for reliably recognizing such emails and what to do if a suspicious email arrives in the mailbox. Fake invoices and documents of this type are also often sent by email to lure recipients into a trap or inject malware. Cybercriminals are now extremely sophisticated. Without appropriate education and training, employees often react incorrectly.

More QR Scams And QR phishing

QR scams direct users to compromised websites. QR codes entice users to quickly and easily access websites on their smartphones by scanning the code. Statistics show that nearly 90 percent of smartphone users have scanned at least one QR code, with over a third doing so weekly. With some delay, QR codes are now spreading in many areas. So users should know how they work and what to look out for when using them.

QR codes are also used in phishing attacks. To do this, the attackers integrate QR codes into phishing emails or other messages. After scanning, a new website opens, and the user is prompted to enter his username and password, for example. Cybercriminals use this technique to undermine the security functions of the email system: it does not recognize the dangerous URLs because the email only contains a QR code. Users should know this and be more careful with QR codes or become suspicious of suspicious QR codes.

Deep Fakes Combined With Spear Phishing

Deep fakes are deceptively real-looking videos or images. They are often used for targeted disinformation or in the field of social engineering. Deep fakes are often difficult to detect but pose a growing threat. They are often used with spear phishing attacks to extract information from the victim specifically. Even if deep fakes are well done, the message is often implausible, or the image/video itself seems inconsistent. What you have to pay attention to can be trained well with the help of professionals. There are now deep fakes in the form of calls. Deep fakes over the phone are often based on text-to-speech technologies combined with the perfect voice fake. Such deep fakes are now able to

Mobile Security

More and more users work primarily on the go on notebooks, tablets, or smartphones. Many mistakenly rely on the security of their smartphones and take phishing attacks or malware on mobile devices less seriously than on a stationary computer. In the prevailing, at least hybrid, work models, employees access corporate networks via various mobile channels. Fake apps and fake URLs are spreading rapidly, creating an additional gateway for cybercriminals. Virus scanners offer little protection. Prudent operation and the right reaction are better in a cyber attack. The almost nationwide switch to remote working or hybrid infrastructures has opened up numerous gateways. This is where training often works wonders.

Cyber ​​Attacks From Within: Insider Threats

Unsurprisingly, company networks are threatened by unknown external attackers and insiders from their own companies. These can be dissatisfied employees, criminals who have been smuggled in, guests, partners, or suppliers. There are many ways to become part of the company, attack it internally, and defeat most external security systems. If employees spy on other employees or try to access data, it is naturally more difficult to counteract abuse. Users should know how to protect their data and ensure that only authorized persons can access their respective computers.

Conclusion

Networks are already vulnerable, and untrained users increase the potential for privacy and data security breaches. Phishing is one of the most pervasive cyber threats, and there are countless ways that phishing can be used to obtain sensitive information. However, companies and users are not defenseless against this. The probability of a successful attack can be significantly reduced through targeted, practical security awareness training.

The post Detect Fake Emails, QR Codes, And Deep Fakes appeared first on TechReviewsCorner.

In today’s article, I want to show you how to create a 100% secure password, or almost, to use when you register for an online site or service. It may seem like a trivial thing, but I assure you that it is not like that! There are many precautions to take when you invent one, and not all of them are so obvious.

You need to have strong passwords because, by now, there are tons of bots (automated programs) that try to steal user accounts by guessing your login credentials. Once logged in, not only do they have access to all your info, but they could also change your credentials and steal your account.

Cyber ​​security is paramount nowadays, and you need to know the precautions to take on the internet. For this reason, I decided to write a tutorial on how to make your password and choose combinations that hackers and bots will have a hard time finding.

How To Generate a Secure Password

Suppose you understand well the risks involved when someone manages to hack into your email account and you have information or photos that you would not want anyone to be able to steal from you. In that case, you will also know how important it is to protect your profile.

The first step is to have rugged credentials to guess or guess, and now I’ll show you how.

Follow the six rules to create a secure password:

• use eight or more characters
• enter combinations of uppercase and lowercase letters
• use at least one number
• write at least one special symbol between #! – @ *
• do not use names, words with complete meaning or dates
• use a different password for each account

Today we are registered on hundreds of sites and online services, and having different login credentials everywhere makes it almost impossible to remember them by heart, even if one creates a pattern to follow. For this, I advise you: in addition to producing them following the instructions above, also use software for their management, which remembers them for you. Soon I will also deepen this point.

Test The Difficulty

You have followed all the rules and advice given so far, and now you are wondering: How secure is my password? When you enter it, on many sites, next to the field where you entered it, an indicator does a quick check and shows you its security level. It usually ranges from weak to vigorous or red to green, but this is not always a reliable measure.

Keep Your Passwords In A Safe Place.

Even if you have taken all the necessary precautions and created a password impossible to guess, if you then write it on a sheet of paper, under your email with which you log in, and leave it stuck on your pc or your desk in the office, you have just wasted so much time for nothing.

On the other hand, remembering such a complicated one by heart is truly a feat. Let alone if you have dozens or hundreds of them. Here comes the problem of managing your passwords: either you have the best memory in the world, or you can’t. You can also create patterns or associate them with something you remember, but as long as you haven’t used it for a while, you still risk forgetting it.

Thankfully you don’t need to do this because you can use a password manager to do it for you. This software remembers all your credentials and keeps them in a safe place. They have several advantages, but there are two that I recommend you use them for.

The first is that you have to remember only one password to access the program, and once you have entered your account, you can recover all the others.

The second is that these online services allow you to carry your passes on any device, as long as you log into your profile. In addition, they are so advanced that they integrate perfectly with the browser. You often don’t even have to go looking for them because they automatically suggest your login credentials when you are on the service’s login page.

One of the best password managers on the market is 1Password which is paid, but if you have a Mac, you have free Keychain Access, or by creating a Google account, you can also use Google Password Manager. However, in the latter case, you must always use Chrome and log into your profile.

Strong Password Generators

If you don’t feel like remembering the rules above and struggling to create a password every time, the simple solution is: to use a password generator.

What is it about? As the name suggests, this is a small program that generates a secure password for you. To create it, this software uses random combinations of symbols, following the rules seen above and always manages to reach a strong password, that is, of high difficulty to guess.

Convenient, isn’t it? You’ll also be pleased to know that you probably don’t even have to look for such a program because your operating system or browser already has this built-in!

If you use Google Chrome or a Mac, for example, every time you need to register somewhere, you will see that your computer will suggest a secure password to use for registration.

The same goes for smartphones: whether you have an Android phone or an iPhone, every time you want to register on some site and find yourself on the registration page, your phone will suggest a secure password.

And you don’t even need to copy it! Your pc or smartphone will remember it for you and associate it directly with your account.

Either way, you don’t have to use it, and you can make your own, but I recommend that you listen to their suggestion. You can also resort to password generators like LastPass or Avast, which, in addition to protecting your PC from viruses, also have solutions for web security, such as a private VPN connection and the ability to create secure passwords.

In Short

A secure password must protect anything that someone can access without authorization. Here I am not only talking about your online services but even that of your computer or even that of your WiFi. Indeed, when someone logs into your network, they may also access much of the data on all connected devices. In this regard, you can read the article on how to change the modem password.

In short, if you want to sleep peacefully, I advise you to follow the advice seen today and, if you have any additional questions, do not hesitate to ask.

The post How To Create A 100% Secure Password appeared first on TechReviewsCorner.

Serverless Security: What Does It Mean?

Serverless functions are code snippets executed in an event-based manner in fully managed infrastructures. With serverless architectures, it is possible to set up complex application systems without worrying about managing the infrastructure: cloud providers take on aspects such as scaling, availability, or provisioning. Many new processes, strategic considerations, and tools are required to secure serverless applications. If users continue to build on well-known processes or procedures, security can no longer be guaranteed in the long term.

In the serverless world, an application usually consists of hundreds of functions. Each of them is relatively simple, but when used together, the application results in an overall system that is mainly more complex. As you can already see in this introduction to serverless security, this principle results in many advantages and disadvantages in terms of IT security.

Serverless Security: The Benefits

Let’s first come to the plus points of serverless security: Since cloud providers take care of the security of the cloud server, the operating system, the runtime, and patching, users have significantly more resources at their disposal – this is probably the most visible advantage. Another is the possible exemplary configuration: Serverless architectures significantly increase the number of possible functions. As a result, identity and Access Management (IAM) can also define several roles. This may not seem particularly advantageous to many organizations at first. However, by choosing the right tools and processes, it is possible to build so-called “shrink-wrapped permissions” around each function. This results in further development of the Zero Trust approach: Each part can only access those resources or services that it is permitted to access. This “least privilege principle” prevents numerous cyberattacks on applications when properly configured.

In practice, the large number of rights can confuse and is often circumvented with an allow policy. However, overarching law is not the point because this would open the door to attacks. It is better to find suitable – namely minimal – permissions; the effort is worth it! If the logic of functions changes in time, the rights can be adjusted at any time. This Least Privilege Principle should also be used for access to third-party systems from the cloud: roles with minimal permissions are created and assigned to the appropriately accessing serverless functions.

Existing concepts are often characterized by large containers stuffed with powers and access rights. With the serverless architecture, a rethink helps: a large number of functions ensure that the effect of each one is quite limited – each position is only allowed a small action. Thus, the small parts exist very briefly before they are subsequently reloaded. This has the advantage that attacking functions can only be abused for a short time before they disappear again. Therefore, it is essential to configure the lifespan of positions as straightforwardly as possible so that many attacks are made almost impossible.

The downside of this coin is that attackers also learn that cybercriminals keep attacking again and again if the duration is short. This is known as Groundhog Day Attack or Groundhog Day Attack. Attacks of this type are very noticeable, so detecting them and stopping them is relatively easy.

The logs of the individual microservices increase transparency. Furthermore, control programs have significantly more opportunities to detect anomalies, and security teams are thus enabled to discover and counteract abnormalities more quickly.

Serverless Security: The Cons

But serverless security also has to contend with disadvantages: More protocols because the resulting transparency can be assessed as advantages and disadvantages. The resulting openness is undoubtedly an advantage, but getting there involves many protocols: hundreds of functions mean hundreds of protocols.

Many functions can also increase the attack surface because they result in numerous entry points for attackers. Of these, some are more accessible to hackers than others. However, the fine-grained authorization concepts bring maximum control for the functions so that an efficient IAM can reduce the attack surface again.

A disadvantage can also be that fixed company perimeters and data centers as boundaries of the company IT are no longer available. Until now, the inside and outside of a company network were firmly defined – serverless security is changing this perception. Are there limits to each function? In every resource? It is important to explain here, not least, to clarify legal issues.

Serverless Security: Common Mistakes

To understand the advantages, it is essential to avoid a few typical mistakes. For example, it is often assumed that the Web Application Firewall (WAF) takes care of the security of all applications. The WAF is traditionally located at the Internet gateway out of the company infrastructure, and it protects web and application services but does not secure all applications. The WAF inspects HTTPS traffic and covers functions triggered by the API gateway. Events on the cloud network started elsewhere are not protected by the WAF. The WAF should not be understood as the only protection program; Security gaps in the network can be closed with specialized security solutions.

A second common mistake is unedited feature permissions—the permissions discussed in the benefits. Functions should not have more leeway than they need – or vice versa: keep access permissions for positions as low as possible. Please take a look at each function and check what it does and what permissions are required for it. This allows you to configure the roles and access approvals precisely, making subsequent adjustments less time-consuming.

Organizations need to understand further that application code does not necessarily have to be homegrown to adopt serverless security. Cloud applications usually consist of numerous modules and libraries. A module often includes countless other modules, making it clear that a single serverless function combines tens of thousands of code lines from different sources. Many application source codes consist of open-source content. Attackers are increasingly attempting to incorporate malicious code into community projects, and Open-source sites like GitHub can do that. If the new version finds its way into cloud applications, the malicious code comes with it.

Another common mistake is trusting the wrong signs of an attack. As described in the advantages and disadvantages of serverless security, the principal increases visibility and transparency. Since the amount of information is growing massively, some companies have hardly any opportunities to read the data and interpret it meaningfully and comprehensively. Artificial intelligence (AI) and machine learning (ML) help: They can automatically increase security in the cloud and efficiently support employees in evaluating logs.

Recommendations For Serverless Security

Follow the Zero Trust approach to increase security: The company network is segmented, and access rights are strictly restricted. In this way, damage following successful attacks can be limited.

You can use code analysis tools (SCA, see above) to monitor your code and that of others. In this way, you maintain a basic level of security and prevent malicious code from being smuggled in. If you also rely on XDR, you can have your entire IT infrastructure monitored automatically, partly based on AI.

Serverless Security: A New Way With New Concepts

As you can see, serverless security is an exciting approach, but it requires a rethink: Away from rigid company boundaries toward many serverless functions requiring protection. Do not just rely on cloud providers’ full-bodied advertising promises, but examine various options. You should also adapt your IT security strategy to the new architecture – and work as precisely as possible right from the start because only then is security also on board with serverless functions.

The post Serverless Security – New Challenges In Securing Applications appeared first on TechReviewsCorner.

Social engineering attacks – the art of getting someone to do things they shouldn’t be doing. The attackers use deeply rooted mechanisms of the human psyche to manipulate their opponents. They turn off healthy skepticism and tempt you to take action with far-reaching consequences. The psychological tricks are amazingly simple.

• Everyone is susceptible to flattery: cybercriminals exploit human weaknesses such as vanity and pride. If employees report in the social networks about their achievements or successes, hackers like to use this information to get sensitive data through flattery.
• Exploiting your willingness to help: Most people have a more or less strong urge to help other people. Hackers take advantage of these noble motives. In doing so, they use seasonal opportunities such as the pre-Christmas period or invent an emergency in which they trust their victims to be willing to help. For example, the attackers pretend to be stressed colleagues under pressure and urgently need support. Especially in large companies, there is a high probability that not all employees know each other and can easily be deceived in terms of company affiliation or skills. Calls for donations during the Christmas season are a popular tool for cybercriminals.
• Build up the pressure and stir up fear:  In a stressful situation, people react differently, and critical questioning often falls by the wayside. The attackers take advantage of this fact and threaten serious consequences or possible penalties if they fail to act. A popular example is overdue fines in fake billing emails. Another method used by phishing scammers is to create artificial time pressure: With sentences like “Act now or an important project is in danger”, the attackers pretend to be superiors or authorities and thus exploit the natural hierarchy in companies.
• Focus on common ground: By citing what they think they have in common, cybercriminals create the necessary trust for their further activities. Reference is made to a recent conversation on a topic or detailed information that theoretically only the person and their conversation partner can know. The attackers obtain knowledge about this from eavesdropping attacks or social media accounts.
• Awaken Curiosity: Human curiosity is still one of the surest ways to capitalize. Cybercriminals prefer to use current topics as hooks. Employees are promised explosive information or “shocking pictures” of current events by clicking on the infected file attachment in an email.
• Reward Promised: Spam and phishing scammers try to appeal to human greed. Simple promises are sufficient for this: a reward or possible benefits, such as employee discounts, are promised. Especially at Christmas time, when providers advertise with extremely cheap deals, and many want to grab them quickly when hunting for the perfect gift, the wave of fraud does not stop.

No one is immune from tall tales, manipulation, or flattery. The social engineering attackers use the information they have gained from eavesdropping or spying on social media. Once they have gained the trust of their counterpart, they try to penetrate deep into the company network with the help of malware-infected email attachments, compromised links or by disclosing sensitive data.

Also Read: Social Media – How It Is Benefitting The Businesses Worldwide

The post These Are The Cybercriminals’ Psychological Tricks appeared first on TechReviewsCorner.

“Ask your doctor or pharmacist about risks and side effects,” or your IT security expert, if you have one. And you should! Because as beautiful as the world of digitization with all its possibilities may be – from smartphones to cloud computing to the Internet of Things – its “side effects” are just as threatening.

Inadequately protected IT systems take their toll and sometimes have existential consequences. The range of possible damage is extensive: repair or replacement costs for individual components, downtime, downtimes, or loss of image. In extreme cases, the company is threatened with bankruptcy.

Threat Situation

For a good eight out of ten industrial companies, the number of cyber-attacks has increased in the past two years, reports Bitkom. But large corporations are targeted by Internet gangsters: what is vulnerable is attacked! More than 70 percent of companies have been victims of cyberattacks in the past two years. The shotgun is used for shooting, and the ammunition is malware that lodges itself in IT systems as a so-called malware infection.

Advanced Persistent Threats

APTs are targeted attacks intended to give the attacker permanent access to a system. This type of attack is usually about data theft. The focus is on selected institutions and companies, mainly from the industrial and financial sectors. The latest methods and developments are used, as the attackers want to remain undetected and use sophisticated evasion techniques. To gain access to a network, the attackers use what is known as spear phishing. This is a kind of social engineering in which specially prepared emails are used to write to company employees and induce them to take any action to gain access to the system.

Attacks on Industrial Control Systems

Many production systems are still running with outdated software for which there are no longer any updates. This opens the door to attackers. The malware mostly gets into the system via phishing emails and exploits known vulnerabilities. In the developments around Industry 4.0, there is a substantial potential risk multiplied by increasing networking.

(D) Dos Attacks

Distributed Denial of Service attacks (D) DoS attacks) are targeted attacks on company servers. The aim of these attacks is not to steal or manipulate data. Instead, the company’s servers and associated services are bombarded with inquiries for so long and intensely until there are sensitive disruptions or they collapse entirely. If the attack is aimed at the webserver, the company’s website can be completely paralyzed in extreme cases. If the spell affects the mail server, incoming and outgoing mail is idle.

On the one hand, these attacks prevent further work with the services. On the other hand, it is damaging to the company’s image if its website or online shop can no longer be reached. (D) DoS attacks can now be conveniently purchased from hacker networks, which increases their occurrence. Hundreds of thousands of “zombie” computers (externally controlled PCs contaminated with Trojans) send data packets to the target server via botnets. As a preventive measure, an emergency plan can be agreed upon with the provider. He can use technical means to detect such an attack and initiate appropriate emergency measures.

Ransomware

Also known colloquially as encryption Trojans, these attacks attempt to block access to your data by encrypting data storage devices and hard drives. After paying a ransom, the Trojan promises to reverse the encryption.

Protective Measures

Virus scanners and firewalls are not enough to cope with this threat, increasing both quantitatively and qualitatively. Often the most significant security risk is in front of the computer. Typical reasons for human error are insufficient qualification, operating mistakes, carelessness or stressful situations. Employees must be made aware of the issue through training. Otherwise, the most expensive investments in defense against external threats will be ineffective. In addition, a code of conduct, which regulates the handling of data in a binding manner for everyone, helps.

Malicious threats are not the only source of threats to IT systems. The “unintentional” threats in the digital age include technical failures such as crashing computers, network overloads, or defective data carriers. Periodic backups, incorrect or missing password management, or inadequate emergency management can be traced to organizational deficiencies. And finally, acts of God such as fire, water, dust, or lightning strikes can also cause considerable damage.

To protect yourself against such threats, your threat situation must be analyzed, and the individual security level determined. Only then can a comprehensive security concept consisting of technical and organizational measures be designed. Because one thing is clear: there is no one hundred percent IT security, and most companies would not be affordable.

The time factor, tight budgets, and the increasing complexity of the subject make it difficult to deal with the topic until it crashes. Only when the child has fallen into the well and the damage has occurred action taken. Don’t let it get that far! Preventive measures are the more effective and cheaper way to protect yourself from cybercriminals.

Also Read: IT Security Is Becoming Even More Critical

The post IT Security – The Shotgun Is Used For Shooting appeared first on TechReviewsCorner.

Email Fraud – Phishing, Malware & Ransomware Increasing Via Email

A few months ago, the Internet Crime Complaint Center (IC3; Complaints Office for Internet Crime ), run by the FBI, published its annual Internet Crime Report (PDF). This report explains the impact of attacks on organizations worldwide and relates to the past year, 2020. The figures mentioned are likely to be alarming: 791,790 complaints were received last year, with more than 4 billion US dollars in total annual losses. The report also shows which risks companies should specifically address:

BEC / EAC & Phishing

In addition to business email compromise, email account compromise (EAC) caused the highest losses, which the IC3 puts at over 1.8 billion US dollars. BEC / EAC and phishing are more significant threats than ransomware. According to the report: Financial losses were 64 times higher than ransomware attacks. These attacks account for a whopping 44% of the total loss! Completely different from the complaints: Overall, they only accounted for 2.4% of all complaints.

The supply chain ecosystem appears attractive for cybercriminals to attack companies indirectly. In particular, imitating and compromising providers turns out to be risky for companies since many organizations unfortunately hardly have an overview of the risks of their providers. There is an increasing number of different BEC / EAC variants:

• Redirecting salary payments,

• Gift card fraud after providers have been compromised,

• Fraud related to acquisitions or mergers,

• Redirecting deliveries or also

• Fabrication with invoices from suppliers/partners.

There were significantly more complaints when it came to phishing: Almost a third of the complaints received by IC3 related to phishing. The fact that the number of complaints almost doubled from 126,640 reports in 2019 to 241,342 complaints in 2020 can prove that the targets of the attack are less the infrastructure weaknesses than the people in the company. With targeted employee awareness-raising, criminal actors can be prevented from successfully exploiting human weaknesses. In our article on phishing protection, we go into different types of phishing and give you tips on how to protect yourself against phishing.

Email Fraud – Criminals Take Advantage of The Corona Crisis

The IC3 report shows that criminals were able to take advantage of the pandemic for their attacks. The year 2020 with the corona crisis was a hit for cybercriminals – that’s why we issued warnings in March and again in December 2020. Pandemic topics were used for general phishing or targeted social engineering attacks: vaccines, aids for companies, or new COVID19 variants spurred the creativity of cybercriminals. Please expect that pandemic topics will continue to be used for attacks in the future.

Malware Like Ransomware Is Gaining Traction.

Email fraud – more specifically, email phishing campaigns – is one of the most common ways of getting infected with ransomware; this is also evident from the IC3 report. There were 2,474 incidents, according to the information in 2020. The losses are put at more than 29 million US dollars. Explosive: The report emphasizes that ransomware losses were kept “artificially low” in the account. The number given does not include information about lost business, wages, lost time, failed devices, or lost files. Reports from FBI field offices were also not taken into account. Accordingly, it can be assumed that the actual numbers related to ransomware are significantly higher.

Not only ransomware but also other malware is relevant to the field of email fraud. In our article “Identity theft on the Internet: What is malware?” We look at different types of malware and give you tips on malware detection.

Study: Pattern Recognition in Email Fraud

In collaboration with researchers from Stanford University, Internet giant Google has looked at patterns that make users the preferred victims of email fraud. Based on data from more than a billion malware and phishing emails, the investigation aimed to find out whether attack victims become targets for any reason. As a result, it could be possible to optimize protection strategies. Indeed, the researchers succeeded in identifying various factors that can increase the likelihood of attack:

The origin of potential targets of attack could already be the first characteristic. After all, 42% of all email attacks target victims in the US, followed by 10% in the UK and 5% in Japan. The researchers found that attackers do not necessarily localize their emails. Instead, the same email template with an everyday linguistic basis is used so that English-speaking users are preferred victims for this reason alone. With these identical templates, criminals try to contact small groups of between 100 and 1,000 recipients for two or three days.

Users whose email addresses were already traded in one of the numerous data leaks in recent years were written to five times the probability of average users. 

For the researchers, the age of potential victims also increased the risk: Email fraud occurs almost twice as often in people between the ages of 55 and 64 as in the 18 to 24 age group. These figures could also go hand in hand with mobile devices: If people only used emails on their mobile devices, the risk of attack compared to people who access emails on different devices was 20% lower.

Overall, the study shows that one could hardly speak of an indiscriminate approach, but there is usually no specific targeting. Therefore, choosing specific targets as attack victims is more likely with BEC / EAC attacks than with phishing and malware attacks.

Also Read: Email marketing In B2B – How Well Are Your Mailings Working?

Protect Yourself From Email Fraud

Knowledge is power – this philosophy also applies to your email security! Therefore, the first way to protect yourself against email fraud is to learn as much as you can about various attack vectors. This is why the study carried out by Google and Stanford University is valuable: it helps to assess how at-risk you as a user are. It is also helpful to know where you stand – and you can quickly test that: With our phishing quiz and our S / MIME test, you can measure yourself against colleagues and test your knowledge. You can also use the following tips to protect yourself efficiently against email fraud:

• Up-to-date: Stay up to date by learning about email scams. It’s straightforward with our support: We report on current developments in our blog and our newsletter.
• Stay Skeptical: Keep your healthy skepticism about your emails. That means: If you receive an email with links and attachments, don’t just click on it, but check the message. Email fraudsters are becoming more and more professional so that fraudulent emails are not always easy to detect. In addition to the origin, check the sender of the message; the source text of your emails provides further information. However, it would help if you also considered the possibilities of email spoofing, i.e., concealing the sender’s true identity and simulating a different identity. If in doubt, call the alleged sender to find out whether the message came from there. Also, keep in mind
• No direct replies: If you find an email suspicious, ideally, do not reply directly. Instead, start a new communication using one of the communication channels used by your company.
• Strong logins: Rely on solid passwords for your email account – and ideally also on two-factor authentication (2FA). We have put together helpful tips for you in the article “Secure passwords: Strong passwords increase security” for creating strong passwords.
• AV Suite: Good antivirus programs also warn you about email scams. It is advisable to read reviews of AV suites regularly because the numerous antivirus programs differ massively in their functions and malware detection.
• Updates: Your AV suite, your email client, your operating system, and all other programs you use should receive regular updates. Ideally, you should apply security patches immediately to prevent published vulnerabilities from attracting cybercriminals.
• Encryption: encrypt your emails! In this way, you not only create confidentiality, integrity, and authenticity but also create competitive advantages for yourself: Industrial espionage is a genuine threat that you can prevent with email encryption and eavesdropping or manipulation by cybercriminals.
• Awareness: We cannot emphasize it enough: The most significant security gap in companies is people. Employees who do not know what types of email fraud naturally cannot protect themselves against it. Therefore: Train your employees because a sensitized team is a safe team.

The post Email Fraud Is The Most Significant Business Loss appeared first on TechReviewsCorner.

Zero Trust: Don’t Trust Anyone!

Zero Trust is not a product but rather a technology philosophy, a framework idea that companies can implement. Zero Trust’s philosophy: “Don’t trust anyone blindly” – only verification can create Trust.

Specifically: Where Does Zero Trust Apply?

In this world full of cyber security threats, companies have a lot to cope with: Mobile workplaces such as the home office want to be just as secure as the company’s workplaces, and in both cases, countless devices and applications are used. The zero trust model starts with the fact that requests are not automatically classified as trustworthy even if they come from the company network.

In principle, all elements – all devices, services, users, etc. – are treated precisely the same way as if they came from open and insecure networks: they are initially not trusted. Following the zero trust principle, neither authenticated users nor end devices nor VPN connections are charged – even if they are generally classified as secure because automatic Trust would immensely increase the risk of data leaks – possibly triggered by internal company employees who move through the network without checking and with absolutely no restrictions.

Specifically, the Zero Trust approach means:

• Network users are authenticated, authorized, and validated in real-time and, if necessary, repeatedly. This serves to ensure the required authorizations. It is not enough to check the identity of the user once.
• The principle of least privilege applies to the zero trust model: identities are initially given the lowest access level. If further cybersecurity measures are added, movements in the network can be considerably limited using least privilege access.
• When implementing these zero trust principles, companies must first define assets worth protecting: data and systems, for example, classified as critical. These assets are covered with a comprehensive platform – contrary to the otherwise prevalent assortment of individual solutions built around individual users.

To successfully implement the Zero Trust model, the interaction of various security applications is necessary: ​​In addition to the three points just mentioned, multi-factor authentication, network, and device monitoring, and behavior analysis and automation must also be considered. Nevertheless, the user experience also has to be suitable to not seduce users into compromising security. This tightrope walk can be achieved using IAM (Identity and Access Management) solutions.

Correctly implemented zero trust models are tailored to all behavior patterns and data points representing everyday life in the company network. Zero trust solutions grant or deny access rights based on various parameters, such as time, location, operating system, device type, or firmware version. Special zero trust tools allow advanced protective measures.

To maintain Trust in the zero trust model, a risk analysis is always necessary – before access to IT resources is granted, they must be fully authenticated and authorized, and security checks on devices and applications are also carried out. The risk analysis must include locations, the context of processing, and users. If anomalies are detected during monitoring, these are generally classified as risks and answered with previously defined security measures.

Advantages And disadvantages of Zero Trust

The main advantage of the Zero Trust principle is obvious: By reducing the risk of attacks, cybersecurity improves immensely. This enhances data protection and data security at the same time.

However, practice, which we briefly introduced above with a few points for consideration, shows that Zero Trust is, unfortunately, more of a security philosophy than a new standard in cybersecurity. Any risks and functionalities are difficult to assess in advance, posing unexpected challenges for the company. This may increase the costs for IT security, and the fact that the systems must be constantly monitored and maintained will not result in any reduction of the expenses or effort.

The zero-trust approach is always interesting: Everything in and outside of the company’s network must be verified before Trust; if necessary, also repeated. This curbs unnecessary network movements and thus can immensely improve security. However, the effort required to implement the zero trust principle successfully is not (yet) feasible for the majority of all companies, so it currently makes sense to deal with the protection of identities. If there will be zero trust solutions in the future that can offer user-friendliness in addition to protecting company assets, it is worth taking a closer look.

The post Zero Trust – No Blind Trust For More Security appeared first on TechReviewsCorner.