Tag: Hackers

Categories
Casserly Consulting Blog

The Most Devastating Hacks of 2018… So Far

bad_hack_2018_400.jpg

Network security is a crucial consideration for every contemporary business owner, as there are just too many threats that originate from an Internet connection to be overlooked. One only has to look at what businesses of all sizes have dealt with, even within this calendar year, to gain an appreciation for how crucial it is that every business owner consider their cybersecurity.

Here, we’ve assembled a few statistics and examples to illustrate just how serious the threat of cyberattack can be, hopefully inspiring you to prioritize your company’s network security. Consider these cybersecurity figures:

  • In 2017 over 130 large-scale breaches were reported, a 27 percent increase over 2016.
  • Nearly 1-in-3 organization have experienced some sort of cyberattack in the past.
  • Cryptojacking (stealing cryptocurrency) increased 8,500 percent in 2017.
  • 100,000 organizations were infected with the WannaCry ransomware (400,000 machines).
  • 5.4 billion WannaCry attacks were blocked in 2017.
  • The average monetary cost of a malware attack is $2.4 million.
  • The average time cost of a malware is 50 days.
  • Ransomware cost organization’s over $5 billion in 2017.
  • 20 percent of cyberattacks come from China, 11 percent from the United States, and six percent from the Russian Federation.
  • Phone numbers are the most leaked information.
  • 21 percent of files are completely unprotected.
  • 41 percent of companies have over 1,000 sensitive files left unprotected.
  • Ransomware is growing at 350 percent annually.
  • IoT-based attacks are growing at about 500 percent per year.
  • Ransomware attacks are expected to quadruple by 2020.
  • 7.7 percent of web requests lead to malware.
  • There were 54 percent more types of malware in 2017 than there were in 2016.
  • The cybersecurity market will be worth over $1 trillion by 2025.

If that wasn’t convincing enough, what follows is just an assortment of the attacks that 2018 has seen (as of July). To simplify things, we’ve organized them by the intended targets: public (like individuals and government bodies) and private (such as businesses):

Public
January

  • The Department of Homeland Security was affected by a data breach that exposed information about 247,167 current and former employees.

March

  • Atlanta, Georgia was targeted by a ransomware attack called SamSam. This resulted in a massive problem for their municipal infrastructure. The ransom price given was $51,000, but Atlanta’s leadership refused to meet these demands. Overall, the numbers show that Atlanta has spent more than 10 times that number in the fallout of the attack. Some estimates place the actual cost of this event at nearly $20 million.
  • India’s national ID database, Aadhaar, leaked data of over a billion people. This is one of the largest data breaches in history. A user could pay 500 rupees, equal to about $7, to get the login credentials that allowed anyone to enter a person’s 12-digit code for their personal information. For 300 rupees, or about $4.20, users could also access software that could print an ID card for anyone associated with the database.
  • Cambridge Analytica, a data analytics company that U.S. President Donald Trump used to help his campaign, harvested personal information from over 50 million Facebook users without asking for their permission. Facebook hasn’t called this a data breach, but Cambridge Analytica has since been banned from using the service thanks to this event.

June

  • A hack of a U.S. Government-funded active shooter training center exposed the personal data of thousands of U.S. law enforcement officials. This also exposed which police departments aren’t able to respond to an active shooter situation.

Private
January

  • 280,000 Medicaid records were exposed when a hacker attacked the Oklahoma State University Center for Health Sciences. Among the information exposed were patient names, provider names, and full names for affected individuals.

February

  • An unsecured server owned by Bongo International, a company acquired by FedEx, leaked over a hundred-thousand files of FedEx customers. Some of the information leaked included names, drivers’ licenses, national ID cards, voting cards, and utility bills.

March

  • Orbitz, a travel booking site, fell victim to a security vulnerability that exposed 880,000 customers’ payment card information. There was also about two whole years of customer data stolen from their server.
  • French news site L’Express left a database that wasn’t password-protected up for weeks, despite being warned about the security issues regarding this.
  • 134,512 records regarding patients and financial records at the St. Peter’s Surgery and Endoscopy Center in Albany, NY were accessed by hackers.
  • MyFitnessPal, an application used by Under Armor, exposed about 150 million people’s personal information to threats.
  • The WannaCry ransomware claimed another victim in Boeing, which stated that “a few machines” were protected by Microsoft’s 2017 patch.

May

  • Thanks to Twitter storing user passwords in a plaintext file that may have been exposed by internal company staff, the social media titan had to force hundreds of millions of users to change their password.
  • An unauthenticated API found on T-Mobile’s website exposed the personal information of all their customers simply through the use of their cell phone number. The following information was made available: full name, address, account numbers, and tax IDs.
  • A bug found in Atlassian development software titles Jira and Confluence paved the way for hackers to sneak into IT infrastructure of several companies and one U.S. government agency.
  • Rail Europe, a popular server used by American travelers to acquire rail tickets, experienced a three-month data breach that exposed credit card information to hackers.

June

  • A marketing company named Exactis had 340 million records stolen from it, but what’s most shocking about this is that they had accumulated information about nearly every American out there. In response to the breach, there was a class action lawsuit made against the company.
  • Adidas’s website was hacked, resulting in a loss of a few million users’ personal and credit card information.
  • A hacker collective called Magecart initiated a campaign to skim at least 800 e-commerce sites, including Ticketmaster, for sensitive information.

Clearly, if these lists are any indication, companies of all sizes need to commit to maintaining their network security, holding it to a higher standard. For assistance in doing so, you can rely on the professionals at COMPANYNAME. We can design and implement security solutions to protect you from threats like these, and others that may rear their ugly heads. Give us a call at PHONENUMBER to get started.

Categories
Casserly Consulting Blog

Hackers Target Major Sporting Events

sport_events_hack_400.jpg

There are literally billions of sports fans in the world, and the popularity of these events brings in big money; and big money typically attracts hackers. Using all types of methods, there has been a history of hacking in almost every sport. Today, we take a look at some of the most famous hacks that have shaken up the sports world.

The World Cup
The FIFA World Cup is one of the, if not the, most popular sporting events in the world. Held once every four years, it attracts the attention of billions of people. Since the event is held every four years, it gives the host city a lot of time to get ready for possible hacker attacks. In fact, each new venue spends years and tens of millions of dollars ramping up on their cyber security.

The 2018 event held in Russia proved to be one of the most successful insofar as there wasn’t a major hack of the tournament in any way. It’s not a coincidence that typically state-sponsored Russian hackers are well known to be at the forefront of a lot of the major international sporting hacks. Fans that visited Russia from abroad during the World Cup were warned (mostly by their own governments) that they needed to be diligent not to fall into any tourist traps that would leave their cyber welfare in the hands of the thriving ecosystem of hackers that call Russia home.

Previously, in the 2014 World Cup in Brazil, the World Cup website was taken down by a distributed denial of service (DDoS) attack and thousands of visitors had their data breached through sophisticated phishing attacks. Each World Cup, especially the next one that will be held in the Middle East (Qatar) for the first time, is a goldmine for hackers.

The Olympic Games
International competitions like the Winter and Summer Olympic Games grab the eye of world for a couple of weeks. Unfortunately for athletes, coaches, and fans from all over the world, they also catch the eyes of hackers. Again, since these events are held every four years there is a long time for administrators to get ready, but that doesn’t stop those inside the host cities (or often outside of them) from trying to get over on the hundreds of thousands of people that show up to watch the events.

At the past Winter Olympics, held in Pyongyang, South Korea, the opening ceremonies were hacked by what turned out to be a Russian hacking collective. The hack caused delays in the festivities and infiltrated the games’ website, so administrators, fearing significant data loss, took down the website. Initially they had masked the attack as coming from North Korea, but it didn’t take long for professionals to ascertain that the hacks were retribution for Russia’s prohibition from the games as a result of a decade-long antidoping policy that found state-sponsored use of performance enhancing drugs; a revelation that many had suspected for decades.

While local hackers spoofed Wi-Fi and targeted athletes and guests during the 2016 Summer Olympics held in Rio De Janeiro, Brazil, Russian hackers from “Tsar Team” and “Fancy Bear” were busy hacking into the Olympic databases to gain access to athletes’ personal information. They subsequently have released some of that information, including information about gold medal gymnast Simone Biles, and tennis legend Venus Williams.

NFL
In the United States, it doesn’t get much bigger than the National Football League. In fact, one study showed that about one-third of all church-going males don’t go to church from Labor Day to New Years. Nearly 30 million people tune in to watch the NFL each Sunday. With this popularity comes attention; and hackers have used this popularity to their advantage.

In 2016 NFL commissioner Roger Goodell’s Twitter feed was hacked with a message that announced that he had passed away. The perpetrator happened to be a teenager from Singapore. In February 2017, 1,135 NFL players had their personal information stolen by hackers when the NFL’s union, the NFLPA, was hacked. Hackers made off with 1,262 people’s personal information, their financial data, their home phone numbers, their addresses and more.

In 2009, a man named Frank Tanori Gonzalez was given an extremely lenient sentence for hacking into the standard-definition communications feed at Super Bowl XLIII with a clip from an adult film that aired unedited throughout the greater Tucson area (the game was held in Tampa, FL).

MLB
Major League Baseball makes over $10 billion a year, and they do a phenomenal job of protecting their brand online. MLB makes a lot of their money in media and has made it a point to prioritize cyber security for league business. With individual teams handling their own cyber security, there have been small hacking cases, but unlike most other sports the biggest hacking scandal in baseball history was carried out by a team executive.

From 2013 to 2014, St. Louis Cardinals’ former scouting director, Chris Correa, repeatedly accessed the internal communications server of former division foe Houston Astros. The Astros had moved to the American League from the National League after the 2012 season, and they had hired former statistician Sig Mejdal from the Cardinals. When Mejdal left St. Louis he turned in his laptop. Using the information he got off this laptop, Correa figured out Mejdal’s new password and started entering the Astros network. For his indiscretions Correa got 46 months in federal prison.

NBA
The most famous hack in NBA history is hack-a-Shaq, which was a strategy used to limit Shaquille O’Neal’s effectiveness by making him shoot free throws (with which he struggled mightily), but there have been a few other hacks that have affected NBA players. The most notable, was NBA player Ty Lawson having his computer hacked and held his personal data for ransom in 2016.

Another situation was what is called a catfishing scam that involved NBA forward Chris Andersen and model Paris Dylan. A woman named Shelly Chartier had used multiple people’s online messaging accounts to manipulate Anderson and Dylan into bad situations. Andersen ended up being raided by the Douglas County sheriff’s department because Dylan was 17 at the time and any digital possession of lewd material would be legally considered child pornography. After investigators uncovered the scheme, Chartier was arrested and sentenced to 18 months in prison. Anderson continued his NBA career and Dylan was able to put the situation behind her and is now is an Internet model.

PGA
Recently, the PGA of America held the 100th PGA Championship at Bellerive Country Club just outside of St. Louis, Missouri. As the golfers were navigating their first rounds, the PGA was under attack by hackers. A message was sent to administrators that read, “Your network has been penetrated. All files on each host in the network have been encrypted with a strong algorthym[sic].” The hackers also sent a Bitcoin wallet number with instructions on how to deposit money.

The PGA of America immediately hired a third-party IT security firm to solve the problem. Since security professionals from all over the world consider these extortion attempts to be futile against the diligence and expertise of security professionals, the line is usually to not pay and hope that the data can be recovered without the encryption key. Only time will tell how the situation is resolved.

Other sports leagues and athletes have had to deal with major problems from hackers over the years, including the English national rugby team’s website being hacked by the Islamic State in Syria (ISIS), and four-time Tour De France champion Chris Froome’s performance data was hacked as a rival team was convinced he was using performance enhancing drugs.

There are dozens of ways that you can fall victim to hackers. If your business isn’t already doing all it can to protect your digital assets, the time is now. Reach out to the IT professionals at COMPANYNAME for more information on the best way to protect your business from outside (and inside) threats at PHONENUMBER.

Categories
Casserly Consulting Blog

Hackers Plus Artificial Intelligence Equals Big Trouble

artificial_hacker_400.jpg

Thanks to the advent of artificial intelligence, cybersecurity professionals have to reconsider how they approach these threats. Machine learning is one option, as it can help today’s modern solutions learn how to be more effective against advanced threats. On the other hand, what’s stopping the other side from also taking advantage of artificial intelligence? The answer: nothing, nothing at all.

If you think about it, this makes a lot of sense, as computers are capable of working much faster than humans. Plus, they are less prone to user error. Hackers have found A.I. to be effective for the deployment of phishing attacks. According to a study conducted by ZeroFOX in 2016, an A.I. called SNAP_R was capable of administering spear-phishing tweets at a rate of about 6.75 per minute, tricking 275 out of 800 users into thinking they were legitimate messages. In comparison, a staff writer at Forbes could only churn out about 1.075 tweets a minute, and they only fooled 49 out of 129 users.

A more recent development by IBM is using machine learning to create programs capable of breaking through some of the best security measures out there. Of course, this also means that we’ll eventually have to deal with malware powered by artificial intelligence, assuming that it isn’t already being leveraged somewhere.

IBM’s project, DeepLocker, showcased how video conferencing software can be hacked. The process involved the software being activated by the target’s face being detected in a photograph. The IBM team, including lead researcher Marc Ph. Stoecklin, has this to say about these kinds of attacks: “This may have happened already, and we will see it two or three years from now.”

Other researchers have demonstrated that A.I. can be used in cyberattacks, even going as far as using open-source tools to make them happen. What do you think about this development? Do you think that these threats are already present, or do you think that the biggest threat is yet to come? Let us know in the comments.

Categories
Casserly Consulting Blog

IRS to CPAs – Hackers are Targeting You

income_tax_calculation_400.jpg

The IRS has issued a warning to tax professionals to step up their cyber security to prevent sensitive taxpayer information from being stolen. CPA firms, large and small, are being targeted by hackers and identity thieves, especially during the high traffic tax season.

CPAs collect and store a treasure trove of sensitive information that is deemed valuable to cybercriminals. This includes client contact information, credit card information, and social security numbers. Plus, the bad guys know that even though smaller, local tax professionals might not have as many clients as a nationwide firm, but the chances that their data is easier to get to makes them a viable target.

How easy could it be for someone to steal all of your clients’ sensitive information? Depending on the security you have in place, it could be shockingly simple. All it takes is parking near a CPA firm and finding an exploit to get connected to their Wi-Fi. If proper measures aren’t in place, that is enough to give the criminal carte blanche access to any data that isn’t properly protected. Then they can simply drive up to the next tax professional in town and attempt it again.

If the hacker wants to save on gas, they could also target hundreds of thousands of tax professionals at once with a single mass email. The email could look like a legitimate message from a client or organization, but contain an attachment that installs malware and instantly gives the hacker access to what they want.

The time to protect yourself (and your clients) is now. The IRS is urging tax professionals to encrypt all sensitive data and ensure that their network is equipped with the proper measures to protect data. Educating employees on how to not get baited into fake phishing emails is also critical. COMPANYNAME can audit your network and help you protect the identities of your clients. Don’t wait. Give us a call today at PHONENUMBER to get started.

Categories
Casserly Consulting Blog

Swipe With Care: Your ATM Might Be Controlled By A Hacker

debit_card_lock400.jpg

One of the most enticing credentials that hackers desire is your credit card number, along with its expiration date and the code on the back. Hackers are also willing to go great lengths to achieve their goal of stealing these credentials, even so far as to make physical changes to automatic teller machines (ATMs) to do so. In fact, hackers will often install skimming devices on ATMs that are so subtle that they can be difficult to detect.

Take, for example, this news article from July 2017 that showcases a rather specific case of ATM skimming. The device in question simply slips over the ATM card reader in a discreet way to give the user the impression that they are using a legitimate machine. Any unsuspecting user could accidentally throw their credentials right to a hacker.

Furthermore, there have been cases of hackers implementing custom hardware into ATMs designed to harvest credentials. These devices are often installed onto ATMs so that they can wirelessly transmit credentials, to perpetrators lurking nearby. Either way, the result is the same; stolen credentials and upset victims.

Imagine waking up, checking your bank account, and noticing that you’re missing the entirety of your checking account balance. Or, even worse, finding out that your account has sunk into the red because someone in a foreign country has purchased your information and used it for their own purposes. How can you keep this from happening to you? The easiest way is to be wary of ATM skimmers in the first place. You should keep the following in mind when using an ATM.

  • Cameras surrounding the machine: If you are in an area where there are plenty of cameras, there will be less of a chance that the ATM will have been tampered with. In fact, most ATMs actually have built-in cameras, but it helps to have some extra caution to take a look around whenever you want to use one.
  • Tampering with the device: Examine the device before you use it. Are there any issues with the way it looks? Are any faceplates removed or devices plugged into it? If there are, you know that it’s not a machine that you can trust.
  • Additional “testing”: Before you insert your card into the device, try jostling the slot to see if it’s something that was artificially placed over the actual reader. Carefully inspect the machine before you insert your card. Spending a few moments to check the device before using it can save you a whole lot of pain in the long run.

What are your thoughts on ATM skimmers? Are you confident that you can identify one that has been tampered with? Leave your thoughts in the comments.

Categories
Casserly Consulting Blog

TheDarkOverlord Solutions Is at It Again! This Time the Hacker Group Is Targeting Schools

ransomware_school400.jpg

While many youngsters enjoy it when their school shuts down, this was likely not the case in Flathead Valley, Montana, where the cybercriminal group ‘TheDarkOverlord Solutions’ targeted the entire Columbia Falls school district. This attack caused the three-day closure and otherwise disrupted over 30 schools, and the personal information of teachers, students, and school administrators was supposedly to be released if the group didn’t receive a ransom payment.

Furthermore, and more alarmingly, parents received reportedly graphic death threats against their children from the group. These threats alluded to an infamous, and still painfully recent, school shooting. This is the first time that TheDarkOverlord Solutions have gone to these lengths as far as is known.

The district server for Columbia Falls was ultimately targeted; records detailing the addresses, medical history, behavioral history, and other pieces of information valuable to cybercriminals were accessed that detailed the personal data of current and former students, their parents, and the school’s staff members. As a result, the 30 schools closed (as referenced above) and weekend events and activities were cancelled. With a heightened security presence, students returned to classes on Tuesday, September 19th.

TheDarkOverlord is no stranger to the news, or to targeting vulnerable individuals. In July of 2017, there was an online sale for a tantalizing data set that would allow cybercriminals to leverage information harvested from healthcare providers, just weeks after putting almost nine and a half million records for sale. These records came from a clinic, a healthcare provider, and a health insurance provider.

Somewhat less threateningly, the same group also took credit for releasing the fifth season of the Netflix hit series Orange is the New Black before its official release date, despite receiving about $50,000 worth of cryptocurrency in ransom from an audio post-production studio.

This piece of history shows why the Columbia Falls school district is right in their decision to not pay the ransom, as it in no way guarantees that the cybercriminal (or group) responsible will hold up their end of the bargain. Even if they do, it only proves that the victims are willing to pay, designating themselves as the perfect target for repeated attacks.

The key to your safety is to ensure your data is secure against the entire spectrum of threats. COMPANYNAME can help you to do so. Call us at PHONENUMBER to get started.

Categories
Casserly Consulting Blog

Artificial Intelligence Can Be Useful To Hackers, Too

ai_head_circut400.jpg

Man matching wits with computer isn’t new territory. In 1830, a locomotive raced a horse to see which was superior in terms of speed and distance. 1956 saw the first time a human played chess against a computer. Today, the time has come when an artificial intelligence has begun to break into a new territory that was dominated by humans for thousands of years: crime.

At a recent technology expo, a human hacker and a sophisticated computer that is capable of machine learning each attempted to spear-phish as many victims as possible through Twitter. For two hours, both entities refined their message in an effort to be more effective against the target. At approximately 1.075 tweets per minute, the human was able to make 129 tweets, 49 of which were successful. The computer was able to make 810 tweets in two hours, which is about 6.75 tweets per minute. In that time, 275 victims were converted.

Even though humans had a higher attempt-to-victim percentage, the machine was able to get 5 times as many victims in the same amount of time.

In a Cylance poll held during ConFab, attendees were asked if criminal hackers will use AI for offensive purposes in the coming year, to which 62 percent answered in the affirmative. Even though no one could cite any specific incidents, the overwhelming consensus among experts is that hackers have already begun using AI. Like all high-tech crimes, AI is a global issue that changes fast and often, making it extremely difficult for law enforcement to find and prosecute perpetrators. Even when they’re able to identify offenders, they often run into issues where the laws and statutes are well behind the technology in question.

Another reason that identifying and combatting AI is so difficult is because there are constant debates among experts around the globe on what exactly constitutes as AI. Think about it like this: millions of people consult virtual assistants, like Siri and Alexa, every day. However, if you ask the majority of them if they were using artificial intelligence, they’d say ‘No.’ In reality, they are both examples of AI being put to use to enhance the lives of its users.

There are a lot of potential uses for AI by cyber criminals. For example, hackers could use machine learning capabilities to write programs that personalize emails with malware attachments. As that technology is developed, there will likely be a time when distinguishing actual email and phishing attacks is nearly impossible. Another probable use of machine learning and AI for hacking is drastically reducing the time and resources it takes to find and exploit vulnerabilities in software though automation.

For a small business, AI might not be not something that you need to concern yourself with – and perhaps it isn’t, at the moment. However, AI is already being incorporated into many aspects of business with great success and many experts feel it will be very important in the near future. What do you think? Would you be willing to give AI a try? Let us know in the comments!

Categories
Security

Tip of the Week: 9 Hacker Profiles You Need to Be Aware Of

b2ap3_thumbnail_cybercrime_classificiations_400.jpg “Hacker” is a word that can bring up many powerful impressions in people. It may very well bring up images of a pale super genius hunched over a keyboard, awash in dim blue light, as it does for many people. However, this extremely specific image does little but pigeonhole the many hackers in the real world into this dramatized caricature.

In reality, there are many different kinds of hacker, each with a preferred target and reason for doing what they do. For your part, it helps to be familiar with the 10 types of hackers you have a chance to encounter.

Amateurs

  • Script Kiddies: There’s a reason that this type of hacker is under the “amateur” heading. These are the hackers who are capable of little more than piggybacking onto larger efforts, or dabbling in the more basic forms of cybercrime. They are little more than nuisances, compared to their hacking compatriots.

The Good Guys

  • White Hats: These ethical hackers, usually security researchers, are those that help the average user by using their skills to keep threats at bay.

Political Players

  • Hacktivists: Using DDoS attacks and website vandalism to humiliate and hobble their targets, these actors are usually part of a larger group, working towards an ideologically driven common cause.
  • Nationalist Hackers: These actors are those that, thanks to their sympathies and patriotic motives, are often given a pass by law enforcement.
  • Nation State Agents: These typically work for a government body, usually in a military or intelligence capacity. They have access to great capital resources, but will not hesitate to use common tools as well.

The Criminals

  • Cyber Mercenaries: These are hackers-for-hire, who will be brought on to assist other cybercriminals for a share of whatever ill-gotten gains there are to be had.
  • Repeat Offenders: These hackers are skilled, yet disorganized, which keeps them from obtaining the profits that other varieties of hackers do.
  • Organized Crime: These are criminal organizations that focus on cybercrime, with a hierarchy that allows them to reap great profits from their schemes.
  • Malicious Insider: These are the criminals who sit inside your walls, actively working to sabotage your efforts and leak critical information to your competition, often for personal motivations.

These malicious insiders are easily the most dangerous threat to an SMB, but that doesn’t mean that the others don’t cause problems as well. In order to keep them all at bay, you will not only need to encourage diligence in the workplace, but also protect that workplace with comprehensive security solutions.

The experts at COMPANYNAME are ready to assist you in securing your business assets against external influences. Call PHONENUMBER to get started.

Categories
Security

Rootkit Hacks are Nasty, But Preventable

b2ap3_thumbnail_rootkits_good_or_bad_400.jpg The challenge for business owners is that there are so many different types of online threats, it borders on impossible to protect themselves from all of them. All of these threats hold limitless possibility to ruin your organization’s operations, either short-term or long-term. One of the most common threats out there is called a rootkit hack, and it’s one that you certainly don’t want to mess around with.

Defining a Rootkit Hack
Rootkits are malware that sit on a device for extended periods of time, often undetected for weeks, months, or even years. In this sense, they are very similar to trojans, which hide on networks and are capable of dodging security tools like antivirus and firewalls. Rootkits, however, aren’t designed to allow for backdoor access at a later date (though they certainly could be capable of doing so). Instead, a rootkit focuses on giving hackers administrator permissions so they can access systems in a pseudo-”legitimate” manner. The unfortunate side-effect for the user is that everything they are using the infected computer to do is being intercepted and controlled by someone else, placing them at the mercy of the hacker.

What’s even more confusing is that not all rootkits place your business at risk. In fact, many organizations that provide technical support for IT assets use rootkits for remote access and maintenance. The problem is that rootkits allow hackers to steal information, which can lead to a disaster.

How a Rootkit Works
The first step in a rootkit’s exploitation is seizing administrator control. Once the hacker has done so, their options are limitless. They can perform tasks such as deleting important files, installing software (like spyware), changing programs, recording keystrokes, and so much more. Hackers could steal vital information like credentials, access logs, or other important data. Furthermore, rootkits are usually software-based, though hardware-based rootkits accomplish a similar role and are arguably easier to identify. Just look for any piece of technology that looks like it doesn’t belong.

How to Prevent Rootkit Hacks
Protecting yourself from hacking attacks doesn’t have to be hard, but the sheer amount of possibility involved with them can be daunting. Rootkits can make their way into your network through the use of infected downloads, phishing scams, malicious URLs, and countless other ways. Always check to ensure the authenticity of what you’re downloading, and make sure to stay away from potential outlets of malware or other sketchy websites known for spreading malicious software.

By keeping these security discrepancies in mind, and by maximizing your use of best practices, you can effectively keep exposure to threats at a minimum. An enterprise-level security solution also goes a long way toward keeping your business safe, along with a firewall, antivirus tool, web content filter, and spam blocker. These solutions all take preventative measures to limit exposure to threats, taking some of the difficulty out of managing network security.

What To Do
If something seems out of place with your computer, disconnect your PC from the Internet and all internal networks immediately. This prevents remote access control and data leakage from rootkit hacks, but most importantly, you isolate the problem so that it can’t spread. If you don’t know how to get rid of the problem, professional technicians like those at COMPANYNAME have your back.

To get to the root of all manners of cyber threats, reach out to us at PHONENUMBER.

Categories
Miscellaneous

Hack a Hospital and Get Blacklisted By Other Hackers

b2ap3_thumbnail_ethics_of_hackers_400.jpg Hackers are notorious for committing cybercrimes and exploiting what seems like everybody and anybody. Yet, just as there exists honor among thieves, there’s an unwritten rule within the hacking community: leave hospitals alone.

Of course, if you’re familiar with the activity of hackers, then you’ve perhaps heard of stories of hospitals and healthcare institutions getting hacked. To be sure, any organization handling healthcare records makes for a tempting target to a hacker. These records contain very personal and sensitive information that can be sold for big bucks on the black market (this is one reason why protection laws such as HIPAA are put into place). However, if a hacker chooses to act on this impulse, they do so at the risk of being shunned by their own.

While it’s one thing to stealthily steal files from a hospital server unit, it’s even more of a dastardly deed for a hacker to unleash a ransomware attack on a hospital network. This is due to the fact that attacks like ransomware will disable a computer until a ransom is paid to the hackers. As you can imagine, if a hospital were to have any of its equipment taken offline, then patients in critical condition would be unable to receive the care they need until the system is back online. Potentially, a move like this could result in death.

What could motivate a hacker to attempt a hack where human life is on the line? For the hacker attempting such a hack, it’s perhaps because the crisis it creates makes for a higher chance of a payout. Compared to hacking a business that’s prepared for a ransomware attack and can afford to brush it off and lose a few hours or a few days-worth of data (depending on when the last backup was made), hospitals must act as quickly as possible to get their system back online, which very well could mean paying the hacker.

What’s worse, even if a hospital pays a hacker’s ransom, there’s still no guarantee that they will regain control of their system, which could translate to a significant loss of life. Given the possibility of such a sad situation, it’s easy to see why hackers will blacklist any of their peers known for going after hospitals. After all, where do the hackers go when they get sick? That’s right, the hospital.

To give you a hacker’s perspective on the matter, ZDNet references a forum where hackers discuss, get this, the ethics of hacking. “Yes, this is pretty sad and a new low. These ransom attacks are bad enough, but if someone were to die or be injured because of this it is just plain wrong.”

While these words may be somewhat comforting for a hospital administrator to hear, keep in mind that there are some hackers who disregard any form of ethics altogether, so the risk is still there. Also, for the average SMB not associated with healthcare, there’s likely no “hacker’s code” protecting your organization from being targeted. In fact, regarding the typical SMB, hackers can build a pretty solid case on why they should pull the trigger on a hack attack.

Therefore, whether your business is in the crosshairs of hackers or not, every organization needs to be prepared and have a security solution in place that can withstand such attacks. This defense plan must include a way to defend against even ransomware, which means backing up your data with BDR and having a means to restore your backed up copy as quickly as possible so that downtime is at a minimum.

To make sure that your business is prepared for anything that a hacker throws at you, call COMPANYNAME today at PHONENUMBER.