Posts Tagged ‘Cyberattack’

What Would You Do If The Internet Went Dark?

Tuesday, October 25th, 2016
Data Security Planning - Ohio CPA Firm

Once again, weak usernames and passwords were to blame although, unlike in the past, individual users weren’t the primary culprits. According to United States security researchers, hackers utilized common electronic devices, such as DVRs, webcams and digital recorders, to execute a complex internet-wide attack. Read on to find out what you can do to protect your devices, your cloud-based data and yourself.

These days it’s not uncommon for our lives and our businesses to be managed almost entirely online. From our communications and calendars to our thermostats and security systems, while the internet may have made us more efficient, it has also made us more vulnerable. And these days, the safety of our networks and databases are never guaranteed – a lesson that was made abundantly clear after last week’s massive cyberattack.

Weak Usernames, Passwords Are (Once Again) To Blame

As most of you already know, some of your favorite websites took a hit last week. And as much as you may have wanted to take to Twitter to vent your frustration – you couldn’t. So, what happened? Once again, weak usernames and passwords were to blame although, unlike in the past, individual users weren’t the primary culprits. According to United States security researchers, hackers utilized common electronic devices, such as DVRs, webcams and digital recorders, to execute a complex internet-wide attack. The massive distributed denial-of-service (DDOS) attack was made possible thanks to weak default usernames and passwords found in the internet-connected hardware. This attack was the result of a Mirai botnet attack, which is specifically designed to scan the internet for poorly secured products and then access them through easily guessable passwords like “admin” or “12345.” Earlier this month, after security experts gained access to the botnet’s source code, which was released to the hacker community, it was discovered that the botnet was designed to try a list of more than 60 combinations of user names and passwords. Officials with Level 3 Communications, a provider of internet backbone services, estimates this recent attack was also the result of a Mirai malware attack that infected more than 500,000 devices.

Read Also: Cloud-Based Data Storage Solutions Aren’t Risk-Free

Unlike botnets that typically rely on PCs, Mirai malware targets internet-connected devices that have weak default passwords, making them easy to infect, said Michel Kan a correspondent for PCWorld. More botnets like Mirai will appear unless the hardware industry can move away from default passwords. Hangzhou Xiongmai Technology Co Ltd, a Chinese electronics component manufacturer, said because its products inadvertently played a role in last week’s cyberattack the manufacturer will recall some of the products it sold in the U.S. The Chinese company said the security flaws associated with its products were patched in September 2015 and that its devices now ask customers to change the default password when used for the first time. However, products running older versions of the firmware are still vulnerable. Users with older versions of the company’s products can still protect themselves by updating their product’s firmware and change the default username and passwords or simply take their products offline by disconnecting them from the internet.

Protect Your Devices

Do you own a device that connects to the internet? Take the following precautions to prevent a hacker from infiltrating your system:

  • Check for updates regularly.
  • The first time you pull your device out of the package, change the password.
  • Disable features and services that you don’t need or won’t use.
  • Turn off your devices when they aren’t in use.
  • Pay close attention to your privacy settings.

Protect Your Cloud-Based Data

A lot of times, individuals and businesses will consider cloud-based data storage solutions to be more secure, but the way I see it, if it’s online, it can be hacked – regardless of how many safety protocols you may have in place. Criminals continue to look for new ways to infiltrate our online devices therefore, it is reasonable to assume, that they are looking for cracks in the cloud-based security solutions as well. This article will give you more insight into the risks you may be taking on if you were to move all your data to the cloud.

Protect Yourself

For more information and insight about protecting yourself online, read my comprehensive whitepaper: Cybercrime: The Invisible Threat That Haunts Your Business. By Joe Welker, CISA (New Philadelphia office)

Check out these articles for more helpful cybersecurity insight:

Top 5 Reasons Why Every Business Should Have A Business Continuity & IT Disaster Recovery Plan

How To React To A Data Breach

Can A Cybercriminal Crack Your Company’s Network?

Share Button

How To React To A Data Breach

Tuesday, August 2nd, 2016
Data Breach | Columbus Cybersecurity Series | Ohio CPA Firm

Would you be able to effectively manage the fallout of a data breach? If you aren’t sure, keep reading.

It was 2013 when a medium-sized library in Ohio found itself in the midst of a data breach that would later serve as a powerful case study warning against the very real threat of electronic fraud. While originally developed by the Ohio Auditor of State’s office as a tool for government entities throughout the state, Cash Management 240: Financial Fraud – A Case Study, has found usefulness beyond just the government sphere.

Leaders of not-for-profit organizations and for-profit business owners would also find value in this resource, which outlines:

  • the events that resulted in the occurrence of the data breach,
  • the reaction of entity officials during and after the breach was detected, and
  • the short- and long-term outcomes that resulted from the breach.

While I strongly recommend that you read the entire case study, I provide a brief overview of the story below.

How would you respond to a data breach?

Library officials were notified of the occurrence of fraudulent activity impacting the entity’s checking account in March of 2013. According to the bank, the fraudulent activity appeared to be limited to three transactions, totaling $144,743. Fortunately, bank officials were proactive in their efforts to recall the transactions.

In an effort to avoid further fraudulent activity, library officials decided to disconnect the accounting workstations from the entity’s network and proceeded to contact their technology vendor, who advised the library proceed with reformatting both accounting workstations immediately. Soon thereafter, library officials contacted the local police station to report the incident, closed the entity’s existing bank accounts and opened new ones, and notified employees of the data breach as well as the board of directors.

Due to the nature of the breach, it didn’t take long before the Ohio Auditor of State’s office and the FBI were notified of the incident as well. And, in an effort to try and reclaim some of the money that was stolen, a claim was filed with the entity’s insurance carrier. Finally, the library’s bank was able to successfully recover $54,910 of the amount that was stolen. In 2014, when the case study was released, the library was still in the process of negotiating with the bank regarding $89,833 that was still missing.

So, what do you think? Would you say that the library officials were effective in their management of the data breach? What would you do if your company or nonprofit found itself in a similar situation?

Well, according to the FBI, the library could have handled the situation better. For example, the library should have not reformatted the workstations. The FBI and local police force should have been contacted immediately. And finally, the entity should have followed all instructions mandated by the bank to eliminate the possibility of such fraudulent activity.

Since it’s 2013 data breach, the library:

  • Is now required by the bank to follow the ACH Originator Agreement.
  • Has designated one stand-alone PC to be used for online banking.
  • Has requested online access from only one IP address
  • Has purchased a cybercrime policy.
  • Revisited its banking RFP to include a section regarding online banking security minimums.

Do you have a plan to help deter cybercrime?

The above scenario is just one of the countless cybercrimes that occur every day and every type of businesses, entity and organizations are being impacted. If you don’t have a plan in place to help prevent cybercriminals from infiltrating your network and stealing your data for financial gain, or a strategy to recover once a breach has been identified, you are in a very vulnerable position.

I believe that in order to protect against a cybercrime attack, it’s important to be armed with as much knowledge as possible. On Sept. 7, 2016, FBI Agent David Fine will be the featured presenter of part two of the Columbus Cybersecurity Series. During this portion of the presentation, attendees will hear real-life examples of attacks on businesses, including what schemes are prevalent today. Audience members will also discover the very real impact these attacks have on companies and what they can do to deter an attack from occurring in their own business or organization.

The Columbus Cybersecurity Series is free to attend, but registration is required. You can RSVP here.

By Joe Welker, CISA (New Philadelphia office)

Share Button