Posts Tagged ‘cybersecurity’

What Would You Do If The Internet Went Dark?

Tuesday, October 25th, 2016

Once again, weak usernames and passwords were to blame although, unlike in the past, individual users weren’t the primary culprits. According to United States security researchers, hackers utilized common electronic devices, such as DVRs, webcams and digital recorders, to execute a complex internet-wide attack. Read on to find out what you can do to protect your devices, your cloud-based data and yourself.

These days it’s not uncommon for our lives and our businesses to be managed almost entirely online. From our communications and calendars to our thermostats and security systems, the internet may have made us more efficient, but it has also made us more vulnerable. And these days, the safety of our networks and databases is never guaranteed – a lesson that was made abundantly clear after last week’s massive cyberattack.

Weak Usernames, Passwords Are (Once Again) To Blame

As most of you already know, some of your favorite websites took a hit last week. And as much as you may have wanted to take to Twitter to vent your frustration – you couldn’t. So, what happened? Once again, weak usernames and passwords were to blame although, unlike in the past, individual users weren’t the primary culprits. According to United States security researchers, hackers utilized common electronic devices, such as DVRs, webcams and digital recorders, to execute a complex internet-wide attack. The massive distributed denial-of-service (DDoS) attack was made possible by weak default usernames and passwords found in the internet-connected hardware. The attack was carried out by a Mirai botnet, malware specifically designed to scan the internet for poorly secured products and then access them through easily guessable passwords like “admin” or “12345.” Earlier this month, after security experts gained access to the botnet’s source code, which had been released to the hacker community, it was discovered that the botnet was designed to try a list of more than 60 combinations of usernames and passwords. Officials with Level 3 Communications, a provider of internet backbone services, estimate that this recent attack was also the result of Mirai malware that infected more than 500,000 devices.

Read Also: Cloud-Based Data Storage Solutions Aren’t Risk-Free

Unlike botnets that typically rely on PCs, Mirai malware targets internet-connected devices that have weak default passwords, making them easy to infect, said Michael Kan, a correspondent for PCWorld. More botnets like Mirai will appear unless the hardware industry can move away from default passwords. Hangzhou Xiongmai Technology Co Ltd, a Chinese electronics component manufacturer, said that because its products inadvertently played a role in last week’s cyberattack, it will recall some of the products it sold in the U.S. The company said the security flaws associated with its products were patched in September 2015 and that its devices now ask customers to change the default password when they are used for the first time. However, products running older versions of the firmware are still vulnerable. Users with older versions of the company’s products can still protect themselves by updating the firmware and changing the default username and password, or simply by taking the products offline by disconnecting them from the internet.
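The botnet described above works by trying a short list of default usernames and passwords against any device that answers. From the device owner's side, that activity shows up as a burst of failed logins from one source, often followed by a success. The following is an added example, not code from the original post or from any vendor mentioned in it: it reads constructed syslog-style login records in a hypothetical format (the field names, hostname and addresses are assumptions) and flags any source that fails to log in several times within a minute, reporting which usernames were tried and whether a login later succeeded from that source.

```python
"""Flag Mirai-style credential guessing in device login logs (added example).

Assumes a hypothetical log line format:
  <ISO timestamp> <host> <daemon>: login <failed|succeeded> user=<name> from=<ip>
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines (hypothetical hostname, users and addresses).
SAMPLE_LOG = """\
2016-10-21T11:02:01 dvr01 telnetd: login failed user=admin from=198.51.100.7
2016-10-21T11:02:02 dvr01 telnetd: login failed user=admin from=198.51.100.7
2016-10-21T11:02:02 dvr01 telnetd: login failed user=user from=198.51.100.7
2016-10-21T11:02:03 dvr01 telnetd: login failed user=admin from=198.51.100.7
2016-10-21T11:02:04 dvr01 telnetd: login failed user=admin from=198.51.100.7
2016-10-21T11:02:05 dvr01 telnetd: login failed user=admin from=198.51.100.7
2016-10-21T11:02:06 dvr01 telnetd: login succeeded user=admin from=198.51.100.7
2016-10-21T11:30:00 dvr01 telnetd: login failed user=jsmith from=192.0.2.10
2016-10-21T11:45:00 dvr01 telnetd: login succeeded user=jsmith from=192.0.2.10
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) \S+: login (?P<result>failed|succeeded) "
    r"user=(?P<user>\S+) from=(?P<src>\S+)$"
)


def parse_events(text):
    """Turn log text into a list of login event dicts; non-matching lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.fromisoformat(m["ts"]),
            "host": m["host"],
            "ok": m["result"] == "succeeded",
            "user": m["user"],
            "src": m["src"],
        })
    return events


def find_guessing(events, max_failures=5, window=timedelta(seconds=60)):
    """Return {src: {"failures", "users", "later_success"}} for every source
    with at least max_failures failed logins inside any `window`-long span."""
    by_src = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_src[e["src"]].append(e)

    alerts = {}
    for src, evs in by_src.items():
        fails = [e for e in evs if not e["ok"]]
        for i in range(len(fails)):
            # advance j while failures i..j-1 all fall inside the window
            j = i
            while j < len(fails) and fails[j]["ts"] - fails[i]["ts"] <= window:
                j += 1
            if j - i >= max_failures:
                burst_end = fails[j - 1]["ts"]
                alerts[src] = {
                    "failures": j - i,
                    "users": sorted({e["user"] for e in fails[i:j]}),
                    # a success after the burst suggests a guessed credential worked
                    "later_success": any(e["ok"] and e["ts"] >= burst_end for e in evs),
                }
                break
    return alerts


def audit(text=SAMPLE_LOG, **kwargs):
    """Parse and scan in one call; kwargs go to find_guessing."""
    return find_guessing(parse_events(text), **kwargs)


if __name__ == "__main__":
    for src, info in audit().items():
        print(f"{src}: {info}")
```

The single failed login from 192.0.2.10 followed by a success is the normal user typo pattern and is not reported; the six rapid failures from 198.51.100.7 followed by a success are. A device that sees the second pattern should have its credentials changed and its firmware checked, as the post advises.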

Protect Your Devices

Do you own a device that connects to the internet? Take the following precautions to prevent a hacker from infiltrating your system:

  • Check for updates regularly.
  • The first time you pull your device out of the package, change the password.
  • Disable features and services that you don’t need or won’t use.
  • Turn off your devices when they aren’t in use.
  • Pay close attention to your privacy settings.

Protect Your Cloud-Based Data

A lot of times, individuals and businesses consider cloud-based data storage solutions to be more secure, but the way I see it, if it’s online, it can be hacked – regardless of how many safety protocols you may have in place. Criminals continue to look for new ways to infiltrate our online devices; therefore, it is reasonable to assume that they are looking for cracks in cloud-based security solutions as well. This article will give you more insight into the risks you may be taking on if you were to move all your data to the cloud.

Protect Yourself

For more information and insight about protecting yourself online, read my comprehensive whitepaper: Cybercrime: The Invisible Threat That Haunts Your Business.

By Joe Welker, CISA (New Philadelphia office)

Check out these articles for more helpful cybersecurity insight:

Top 5 Reasons Why Every Business Should Have A Business Continuity & IT Disaster Recovery Plan

How To React To A Data Breach

Can A Cybercriminal Crack Your Company’s Network?


Yahoo Confirms Data Breach, 500 Million Users Vulnerable

Monday, September 26th, 2016

Yahoo recently confirmed it was the victim of a large-scale data breach, which left more than 500 million users vulnerable two years ago. Read on to learn more.

Just when you think you can breathe a sigh of relief, we’re told to suck that air back in and brace for the inevitable fallout of what is now being considered the largest confirmed data breach of a single company’s computer network to date. According to officials at Yahoo, two years ago hackers gained access to more than 500 million user accounts registered with the technology company. And because so many people use Yahoo for their email, finances, fantasy sports and so on, everybody is being urged to take action immediately – before the cybercriminals have a chance to exploit the stolen data.

Read Also: Cloud-Based Data Storage Solutions Aren’t Risk-Free

Why Worry?

Depending on the type of information you have stored on your user account, there are all kinds of dangers associated with this type of data breach. Yahoo officials confirmed that hackers successfully gained access to user names, email addresses, telephone numbers, birth dates, encrypted passwords and, in some cases, security questions.

If you are one of those people who use the same password across all your online accounts, the recovery process will be difficult. Changing your Yahoo password is only the first step in the recovery process. Because cybercriminals can use the information collected to attempt to log in to other websites, you will also need to comb through your other online accounts to make sure they remain secure.

In the meantime, consider utilizing the following password best practices.

  • Change your passwords quarterly – especially those that protect your email accounts, domain logins and online banking accounts.
  • Use passphrases with at least 12 characters consisting of upper and lower case letters, numbers and special characters.
  • Never share your passphrases with others and, if you enter your passphrase on a public computer, change it once you are able to log on to your account from a secure location.
  • Use two-step verification whenever it is available.
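The password advice above, together with the earlier warning about reusing one password across accounts, is easy to turn into checks you can run over a password-manager export. The following is an added example, not code from the original post: it assumes an export shaped as account name, passphrase and date last changed (the sample accounts and dates are constructed), reads "quarterly" as 90 days, and reports policy failures, passwords overdue for rotation, and groups of accounts sharing the same password.

```python
"""Passphrase policy, rotation and reuse checks (added example).

Rules implemented, as stated in the post: at least 12 characters with upper-
and lowercase letters, numbers and special characters; change passwords
quarterly (assumed here to mean 90 days); never reuse a password across accounts.
"""
import hashlib
import string
from collections import defaultdict
from datetime import date, timedelta

MIN_LENGTH = 12                        # "at least 12 characters"
ROTATION_PERIOD = timedelta(days=90)   # "quarterly", assumed as 90 days


def passphrase_problems(passphrase):
    """Return the list of rules the passphrase fails; an empty list means it passes."""
    checks = [
        (len(passphrase) >= MIN_LENGTH, f"shorter than {MIN_LENGTH} characters"),
        (any(c.islower() for c in passphrase), "no lowercase letter"),
        (any(c.isupper() for c in passphrase), "no uppercase letter"),
        (any(c.isdigit() for c in passphrase), "no digit"),
        (any(c in string.punctuation for c in passphrase), "no special character"),
    ]
    return [message for ok, message in checks if not ok]


def rotation_due(last_changed, today=None):
    """True when the password is at least one rotation period old."""
    today = today or date.today()
    return today - last_changed >= ROTATION_PERIOD


def reused_passwords(accounts):
    """accounts: {account_name: passphrase}. Groups accounts by a SHA-256
    digest of the passphrase (so plaintexts are not retained after comparison)
    and returns sorted groups of two or more accounts sharing one password."""
    groups = defaultdict(list)
    for name, passphrase in accounts.items():
        groups[hashlib.sha256(passphrase.encode()).hexdigest()].append(name)
    return sorted(sorted(group) for group in groups.values() if len(group) > 1)


# Constructed sample export: {account: (passphrase, date last changed)}.
# Hypothetical accounts and values, not real credentials.
SAMPLE_ACCOUNTS = {
    "yahoo-mail": ("Same-Secret-2016!", date(2016, 3, 1)),
    "online-bank": ("Same-Secret-2016!", date(2016, 8, 15)),
    "work-domain": ("correct horse battery", date(2016, 9, 1)),
}


def audit(accounts=SAMPLE_ACCOUNTS, today=date(2016, 9, 26)):
    """Run all three checks; `today` is fixed so the sample result is reproducible."""
    per_account = {
        name: {
            "problems": passphrase_problems(passphrase),
            "rotation_due": rotation_due(changed, today),
        }
        for name, (passphrase, changed) in accounts.items()
    }
    reused = reused_passwords({name: pw for name, (pw, _) in accounts.items()})
    return {"accounts": per_account, "reused": reused}


if __name__ == "__main__":
    report = audit()
    for name, result in report["accounts"].items():
        print(name, result)
    print("reused across:", report["reused"])
```

In the sample, the Yahoo password passes the character rules but is overdue for rotation and is shared with the banking account, which is exactly the combination the post warns about: a breach of one account gives a criminal a working login for the other.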

Think Before You Click

In addition to maintaining your passwords by taking advantage of the best practices listed above, stay vigilant when it comes to email safety. In particular, treat every unsolicited email and communication you receive as untrustworthy. A single click of the mouse can open the floodgates and leave your company’s network vulnerable to a myriad of cyber threats.

By Steve Roth, IT Director (New Philadelphia office)

Check out these articles for even more password tips:

8 Tips For Crafting A Strong Password

Passwords Are Like Underwear …

Then And Now: Data Security In America Since The Target Breach


Help The FBI Find A Defense Against Ransomware

Monday, September 19th, 2016

The FBI recommends users consider implementing prevention and continuity measures to lessen the risk of a successful Ransomware attack. Keep reading to find out how you can help the FBI combat the threat of Ransomware.

The FBI recently released a public service announcement urging victims of Ransomware attacks to come forward and report these cyber infections to federal law enforcement. Doing so, the FBI said in a statement, will “help us gain a more comprehensive view of the current threat and its impact on U.S. victims.”

Read Also: Could Your Company Be Ransomware’s Next Victim?

A Closer Look At Ransomware

Ransomware is a computer infection programmed to encrypt all files of known file types on your computer and on your server’s shared drive, making them inaccessible until a specified ransom is paid, and it is a very real threat to businesses nationwide. Once a computer is infected, which usually happens when a user clicks on a malicious link, opens a fraudulent email attachment or unknowingly picks up a high-risk automatic download while surfing the web, it’s all but impossible to regain access to the data that has been encrypted. Upon discovering that your computer has been infected, you have two choices. You can either:

  1. Restore the machine by using backup media, or
  2. Accommodate the hacker’s demands and pay their ransom.

And both options are less than ideal.
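Because Ransomware encrypts every file of a known type it can reach, and usually gives each one a new extension as it goes, the infection leaves a distinctive trace on a file server: one process changing the extension of many documents within seconds. Catching that early is what keeps option 1 (restore from backup) cheap. The following is an added example, not code from the original post or from the FBI: it assumes a hypothetical file-activity log of the form "timestamp process action old-path -> new-path" (the sample lines, process names and paths are constructed) and alerts on any process that re-extensions five or more known document types within one minute.

```python
"""Spot ransomware-style mass re-extensioning in file-activity logs (added example).

Assumes a hypothetical log line format:
  <ISO timestamp> <process> <action> <old path> -> <new path>
where a plain write repeats the same path on both sides of the arrow.
"""
import re
from collections import defaultdict
from datetime import datetime
from pathlib import PurePosixPath

# Assumed set of "known file types" a ransomware sample would go after.
DOCUMENT_TYPES = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".txt", ".jpg"}

EVENT_RE = re.compile(
    r"^(?P<ts>\S+) (?P<proc>\S+) (?P<action>\S+) (?P<old>.+?) -> (?P<new>.+)$"
)

# Constructed sample events (hypothetical processes, share paths and extension).
SAMPLE_EVENTS = """\
2016-09-19T09:00:01 winword.exe write /share/finance/budget.xlsx -> /share/finance/budget.xlsx
2016-09-19T09:15:10 updater.exe rename /share/finance/q1.xlsx -> /share/finance/q1.xlsx.locked
2016-09-19T09:15:10 updater.exe rename /share/finance/q2.xlsx -> /share/finance/q2.xlsx.locked
2016-09-19T09:15:11 updater.exe rename /share/hr/roster.docx -> /share/hr/roster.docx.locked
2016-09-19T09:15:11 updater.exe rename /share/hr/policy.pdf -> /share/hr/policy.pdf.locked
2016-09-19T09:15:12 updater.exe rename /share/finance/notes.txt -> /share/finance/notes.txt.locked
2016-09-19T10:02:00 explorer.exe rename /share/hr/old.docx -> /share/hr/archive/old.docx
"""


def extension_changes(text):
    """Yield (minute, process, old_suffix, new_suffix) for every rename that
    changes the extension of a known document type. Moving a file without
    changing its extension (the explorer.exe line) is deliberately ignored."""
    for line in text.splitlines():
        m = EVENT_RE.match(line)
        if not m or m["action"] != "rename":
            continue
        old, new = PurePosixPath(m["old"]), PurePosixPath(m["new"])
        if old.suffix in DOCUMENT_TYPES and new.suffix != old.suffix:
            minute = datetime.fromisoformat(m["ts"]).replace(second=0)
            yield minute, m["proc"], old.suffix, new.suffix


def detect_mass_encryption(text, threshold=5):
    """Return {process: {"minute", "count", "new_suffixes"}} for each process
    that re-extensioned at least `threshold` documents inside one calendar minute.
    Events are bucketed per (process, minute) so the check stays a single pass."""
    buckets = defaultdict(list)
    for minute, proc, _old, new_suffix in extension_changes(text):
        buckets[(proc, minute)].append(new_suffix)

    alerts = {}
    for (proc, minute), suffixes in sorted(buckets.items(), key=lambda kv: kv[0][1]):
        if len(suffixes) >= threshold and proc not in alerts:
            alerts[proc] = {
                "minute": minute.isoformat(),
                "count": len(suffixes),
                "new_suffixes": sorted(set(suffixes)),
            }
    return alerts


if __name__ == "__main__":
    for proc, info in detect_mass_encryption(SAMPLE_EVENTS).items():
        print(f"ALERT {proc}: {info['count']} documents re-extensioned "
              f"at {info['minute']} -> {info['new_suffixes']}")
```

An alert like this is the trigger for the steps the post goes on to describe: isolate the machine running the flagged process, preserve the evidence rather than wiping it, and start the restore from backup media.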

What To Do If Your Company’s Network Becomes Infected

Ransomware infections were at an all-time high in the first several months of 2016, according to various cybersecurity companies, and because new Ransomware variants are emerging regularly, the FBI needs your help to determine the true number of Ransomware victims.

“It has been challenging for the FBI to ascertain the true number of Ransomware victims as many infections go unreported to law enforcement,” the agency stated in its recent announcement. “Victims may not report to law enforcement for a number of reasons, including concerns over not knowing where and to whom to report; not feeling their loss warrants law enforcement attention; concerns over privacy, business reputation, or regulatory data breach reporting requirements; or embarrassment. Additionally, those who resolve the issue internally either by paying the ransom or by restoring their files from back-ups may not feel a need to contact law enforcement.”

Read Also: How Much Is Your Data Worth To Criminals?

Reporting a Ransomware attack on your company’s network is not only beneficial to you; the information you provide will also help the FBI as it works to identify ways to prevent future attacks. Your reports will:

  • Provide law enforcement with a greater understanding of the threat
  • Help justify Ransomware investigations
  • Contribute relevant information to ongoing Ransomware cases

Help Arm The FBI With Information

The recent PSA released by the agency requests that all Ransomware victims reach out to their local FBI office and/or file a complaint with the Internet Crime Complaint Center. Be sure to have the following details available and ready to provide to the respondent when prompted (if applicable).

  1. Date of Infection
  2. Ransomware Variant (identified on the ransom page or by the encrypted file extension)
  3. Victim Company Information (industry type, business size, etc.)
  4. How the Infection Occurred (link in e-mail, browsing the Internet, etc.)
  5. Requested Ransom Amount
  6. Actor’s Bitcoin Wallet Address (may be listed on the ransom page)
  7. Ransom Amount Paid (if any)
  8. Overall Losses Associated with a Ransomware Infection (including the ransom amount)
  9. Victim Impact Statement

The FBI recommends users consider implementing prevention and continuity measures to lessen the risk of a successful Ransomware attack. Click here to read the FBI’s complete announcement.

To learn more about protecting your business from cybercrime, download the free whitepaper, “Cybercrime: The Invisible Threat That Haunts Your Business.”


How To React To A Data Breach

Tuesday, August 2nd, 2016

Would you be able to effectively manage the fallout of a data breach? If you aren’t sure, keep reading.

It was 2013 when a medium-sized library in Ohio found itself in the midst of a data breach that would later serve as a powerful case study warning against the very real threat of electronic fraud. While originally developed by the Ohio Auditor of State’s office as a tool for government entities throughout the state, Cash Management 240: Financial Fraud – A Case Study, has found usefulness beyond just the government sphere.

Leaders of not-for-profit organizations and for-profit business owners would also find value in this resource, which outlines:

  • the events that resulted in the occurrence of the data breach,
  • the reaction of entity officials during and after the breach was detected, and
  • the short- and long-term outcomes that resulted from the breach.

While I strongly recommend that you read the entire case study, I provide a brief overview of the story below.

How would you respond to a data breach?

Library officials were notified of the occurrence of fraudulent activity impacting the entity’s checking account in March of 2013. According to the bank, the fraudulent activity appeared to be limited to three transactions, totaling $144,743. Fortunately, bank officials were proactive in their efforts to recall the transactions.

In an effort to avoid further fraudulent activity, library officials decided to disconnect the accounting workstations from the entity’s network and proceeded to contact their technology vendor, who advised the library to reformat both accounting workstations immediately. Soon thereafter, library officials contacted the local police station to report the incident, closed the entity’s existing bank accounts and opened new ones, and notified employees as well as the board of directors of the data breach.

Due to the nature of the breach, it didn’t take long before the Ohio Auditor of State’s office and the FBI were notified of the incident as well. And, in an effort to try and reclaim some of the money that was stolen, a claim was filed with the entity’s insurance carrier. Finally, the library’s bank was able to successfully recover $54,910 of the amount that was stolen. In 2014, when the case study was released, the library was still in the process of negotiating with the bank regarding $89,833 that was still missing.

So, what do you think? Would you say that the library officials were effective in their management of the data breach? What would you do if your company or nonprofit found itself in a similar situation?

Well, according to the FBI, the library could have handled the situation better. For example, the library should not have reformatted the workstations. The FBI and local police force should have been contacted immediately. And finally, the entity should have followed all instructions mandated by the bank to eliminate the possibility of such fraudulent activity.

Since its 2013 data breach, the library:

  • Is now required by the bank to follow the ACH Originator Agreement.
  • Has designated one stand-alone PC to be used for online banking.
  • Has requested online access from only one IP address.
  • Has purchased a cybercrime policy.
  • Revisited its banking RFP to include a section regarding online banking security minimums.

Do you have a plan to help deter cybercrime?

The above scenario is just one of the countless cybercrimes that occur every day, and every type of business, entity and organization is being impacted. If you don’t have a plan in place to help prevent cybercriminals from infiltrating your network and stealing your data for financial gain, or a strategy to recover once a breach has been identified, you are in a very vulnerable position.

I believe that in order to protect against a cybercrime attack, it’s important to be armed with as much knowledge as possible. On Sept. 7, 2016, FBI Agent David Fine will be the featured presenter of part two of the Columbus Cybersecurity Series. During this portion of the presentation, attendees will hear real-life examples of attacks on businesses, including what schemes are prevalent today. Audience members will also discover the very real impact these attacks have on companies and what they can do to deter an attack from occurring in their own business or organization.

The Columbus Cybersecurity Series is free to attend, but registration is required. You can RSVP here.

By Joe Welker, CISA (New Philadelphia office)


Business Podcast Heats Up In July

Thursday, July 28th, 2016

Regular listeners of unsuitable on Rea Radio already know that the summertime lull had no effect on the show’s quality. July has been an entertaining and informative month for the Rea & Associates’ podcast, from discussing the many reasons American consumers should support locally-owned businesses (Self-Reliance: Made in America) to this week’s episode about cybersecurity concerns (The Hacked & The Hacked Nots) featuring Rea’s own Joe Welker, CISA. Listeners also got a spoonful of crisis communication advice and insight from Denny Lynch, Wendy’s former senior vice president of communications (The Infamous “Finger In The Chili” Incident), and then learned from Gene Spittle, CPA, PFS, CGMA, that LLCs, C-Corps and S-Corps were not created to be equal in the world of entity structure (Maximize Your Equity: Maintain The Right Business Entity). In short, there was literally something for everybody to listen to and enjoy.

Want to hear what you’ve been missing? Check out this month’s episodes below.

Happy listening!

Episode 38: Self-Reliance: Made In America

Long days, vacations, barbecues, baseball … what’s not to enjoy about summer?! It’s also the time of year when we celebrate what it means to pursue the American dream. And, for many, this dream materializes in entrepreneurship and, going a step further, buying American-made products as a way to support a strong domestic economy. Kyle Stemple, CPA, CGMA, principal and director of manufacturing services at Rea & Associates, talks about the value of “buying American,” and the direct impact consumers have on America’s marketplace and the quality, customer service and product support we receive from domestically-run businesses.

Episode 39: The Infamous ‘Finger In The Chili’ Incident

Remember the time America began checking their Wendy’s chili for rogue fingers? Denny Lynch does. As the senior vice president of communications at the time of the crisis, Denny and his team were responsible not only for helping disprove the claim, but also for maintaining the brand’s image and reputation as one of the nation’s premier fast food restaurant brands. On episode 39, “the infamous ‘finger in the chili’ incident,” Denny and Mark discuss crisis communications and why clear, consistent internal and external communication strategies are critical when businesses have to protect their brands from unforeseen crisis situations.

Episode 40: Maximize Your Equity: Maintain The Right Business Entity

How much thought did you put into how your business would be structured? Did you consider whether economic conditions would be more favorable if your company operated as an LLC (Limited Liability Company), C Corp or S Corp? Were the tax implications weighing heavily on your mind as you wrestled with this important decision? Your business’s structure is not a decision to be taken lightly, and Gene Spittle, CPA, PFS, CGMA, a principal at Rea & Associates, will tell you why on this episode of unsuitable on Rea Radio.

Episode 41: The Hacked & The Hacked Nots

Lack of cybersecurity training has left companies nationwide vulnerable to the ever-growing and constantly changing threat of cybercrime. On episode 41, “The Hacked & Hacked Nots,” we learn why many companies are incorporating third-party software to monitor and protect their firewalls and to determine which sites are safe and which ones should be avoided at all costs, helping to protect you from cybercriminals. Joe “Captain Data” Welker, CISA, Rea & Associates’ IT Audit Manager, joins us once again to give listeners some valuable insight into current cyber hacking and internet threats and what we can do to keep ourselves, and our businesses, safe. You are not gonna want to miss this episode!

If you like what you hear, subscribe to unsuitable on Rea Radio on SoundCloud or iTunes or sign up to receive weekly email alerts when new episodes drop.
