Posts Tagged ‘hackers’

Yahoo Confirms Data Breach, 500 Million Users Vulnerable

Monday, September 26th, 2016

Yahoo recently confirmed it was the victim of a large-scale data breach, which left more than 500 million users vulnerable two years ago. Read on to learn more.

Just when you think you can breathe a sigh of relief, we’re told to suck that air back in and brace for the inevitable fallout of what is now being considered the largest confirmed data breach of a single company’s computer network to date. According to officials at Yahoo, hackers gained access to more than 500 million user accounts registered with the technology company two years ago. And because so many people use Yahoo for their email, finances, fantasy sports and so on, everybody is being urged to take action immediately – before the cybercriminals have a chance to exploit the stolen data.

Read Also: Cloud-Based Data Storage Solutions Aren’t Risk-Free

Why Worry?

Depending on the type of information you have stored on your user account, there are all kinds of dangers associated with this type of data breach. Yahoo officials confirmed that hackers successfully gained access to user names, email addresses, telephone numbers, birth dates, encrypted passwords and, in some cases, security questions.

If you are one of those people who use the same password across all your online accounts, the recovery process will be difficult. Changing your Yahoo password is only the first step in the recovery process. Because cybercriminals can use the information collected to attempt to log in to other websites, you will also need to comb through your other online accounts to make sure they remain secure.

In the meantime, consider utilizing the following password best practices.

  • Change your passwords quarterly – especially those that protect your email accounts, domain logins and online banking accounts.
  • Use passphrases with at least 12 characters consisting of upper and lower case letters, numbers and special characters.
  • Never share your passphrases with others and, if you enter your passphrase on a public computer, change it once you are able to log on to your account from a secure location.
  • Use two-step verifications whenever they are available.

Think Before You Click

In addition to maintaining your passwords by taking advantage of the best practices listed above, stay vigilant when it comes to email safety. In particular, consider every unsolicited email and communication you receive as untrustworthy. A single click of the mouse can open up the flood gates and can leave your company’s network vulnerable to a myriad of cyber threats.

By Steve Roth, IT Director (New Philadelphia office)

Check out these articles for even more password tips:

8 Tips For Crafting A Strong Password

Passwords Are Like Underwear …

Then And Now: Data Security In America Since The Target Breach


Cloud-Based Data Storage Solutions Aren’t Risk-Free

Thursday, September 1st, 2016

I am regularly asked by clients, friends and family whether they should be concerned with storing their data in a cloud-based environment. My answer: Absolutely.

Even though cloud-based data storage solutions are managed by storage and security professionals (at least hopefully), there’s really no way to determine whether their authentication policies and data security procedures are always in line with industry standards. Because I’m acutely aware of these standards and best practices, I would have a hard time entrusting a cloud-based data storage enterprise with copious amounts of my company’s sensitive information.

Download The Free Whitepaper: Cybercrime: The Invisible Threat That Haunts Your Business

At the end of the day, your company’s data and the data you collect are your responsibility. Therefore, your IT team is ultimately responsible for verifying whether that data is properly secured and whether a proper authentication protocol is in place to ensure that those accessing it are approved to do so. When you work with a cloud-based data storage solutions business, your control over data security procedures is significantly limited.

And just because we haven’t heard much about these types of breaches in the past doesn’t mean they don’t happen. Consider, for example, the latest “mega-breach,” which has affected millions of Dropbox users.

The Dropbox Breach

According to reports, more than 68 million Dropbox user accounts and associated information, including user names and passwords, were discovered online. The company said Dropbox user information stolen by hackers and distributed via the Internet was the result of a previously disclosed data breach from 2012. Unfortunately, the company and the company’s users are still being hurt by this attack. In response, Dropbox said in a statement that it was forcing password resets.

“We’ve confirmed that the proactive password reset we completed last week covered all potentially impacted users,” said Patrick Heim, head of trust and security for Dropbox. “We initiated this reset as a precautionary measure, so that the old passwords from prior to mid-2012 can’t be used to improperly access Dropbox accounts. We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password.”

Protect Your Data To Protect Your Company

Most professionals in the data security field – including myself – believe that any and every site can be hacked. Therefore, in an effort to protect our companies and the businesses and individuals we serve, our goal is to provide comprehensive cybersecurity education to all employees while striving to be aware of all data security issues that may have occurred. Hopefully we will know about any data breach long before cybercriminals have a chance to post information on the Internet or before our businesses are notified of an issue by the FBI or Secret Service.

Want to know why data security professionals say that your company’s employees are your weakest link? This video highlights a common security breach method used by hackers to gain access to your company.

You can take a proactive stance against cybercriminals with the following data security protocols.

  • Don’t just install a firewall; constantly monitor it. Your IT team can monitor your company’s firewall around the clock through the use of Security Information and Event Management (SIEM) or Intrusion Detection System (IDS) programs. You can also work with an external service provider to provide this essential service.
  • Passwords are powerful; protect them. Require your employees to use complex passwords to log onto your company’s network and to change those passwords regularly. Secondary authentication is also important to use wherever possible.
  • Don’t wait for disaster to strike – actively defend your company. Routinely test the access controls of your employees. Not all employees require access to all company data. Instead, grant access only to the data your employees need to do their jobs.
  • Educate, educate, educate. It seems like there are new phishing attempts, ransomware attacks and malware issues every day. But just because you hear that they are happening doesn’t mean your employees are aware. Make sure you keep your employees up to speed. Doing so may just stop them from clicking on a potentially dangerous email.

If, for whatever reason, you do decide to store your company’s data in the cloud, be sure to thoroughly investigate the cloud environment you intend to use. Then, pay close attention to whether the provider’s security controls and processes, including rollover sites and backup and testing procedures, adhere to industry standards. It’s also best practice to request a SOC (Service Organization Controls) Report from your cloud provider.

At the end of the day, all you can do is take ownership of your data and be proactive when it comes to verifying the safety and security of your organization’s data. Email Rea & Associates to learn more.

By Joe Welker, CISA (New Philadelphia)

For more tips and insight to help keep your company safe from cybercriminals, listen to episode 41: “the hacked & the hacked nots” on unsuitable on Rea Radio.


How To React To A Data Breach

Tuesday, August 2nd, 2016

Would you be able to effectively manage the fallout of a data breach? If you aren’t sure, keep reading.

It was 2013 when a medium-sized library in Ohio found itself in the midst of a data breach that would later serve as a powerful case study warning against the very real threat of electronic fraud. While originally developed by the Ohio Auditor of State’s office as a tool for government entities throughout the state, Cash Management 240: Financial Fraud – A Case Study has found usefulness beyond just the government sphere.

Leaders of not-for-profit organizations and for-profit business owners would also find value in this resource, which outlines:

  • the events that resulted in the occurrence of the data breach,
  • the reaction of entity officials during and after the breach was detected, and
  • the short- and long-term outcomes that resulted from the breach.

While I strongly recommend that you read the entire case study, I provide a brief overview of the story below.

How would you respond to a data breach?

Library officials were notified of the occurrence of fraudulent activity impacting the entity’s checking account in March of 2013. According to the bank, the fraudulent activity appeared to be limited to three transactions, totaling $144,743. Fortunately, bank officials were proactive in their efforts to recall the transactions.

In an effort to avoid further fraudulent activity, library officials decided to disconnect the accounting workstations from the entity’s network and proceeded to contact their technology vendor, who advised the library to reformat both accounting workstations immediately. Soon thereafter, library officials contacted the local police station to report the incident, closed the entity’s existing bank accounts and opened new ones, and notified employees as well as the board of directors of the data breach.

Due to the nature of the breach, it didn’t take long before the Ohio Auditor of State’s office and the FBI were notified of the incident as well. And, in an effort to reclaim some of the money that was stolen, a claim was filed with the entity’s insurance carrier. Finally, the library’s bank was able to successfully recover $54,910 of the amount that was stolen. In 2014, when the case study was released, the library was still in the process of negotiating with the bank regarding the $89,833 that was still missing.

So, what do you think? Would you say that the library officials were effective in their management of the data breach? What would you do if your company or nonprofit found itself in a similar situation?

Well, according to the FBI, the library could have handled the situation better. For example, the library should not have reformatted the workstations, since doing so destroyed evidence of how the compromise occurred. The FBI and local police force should have been contacted immediately. And finally, the entity should have followed all instructions mandated by the bank to eliminate the possibility of such fraudulent activity.

Since its 2013 data breach, the library:

  • Is now required by the bank to follow the ACH Originator Agreement.
  • Has designated one stand-alone PC to be used for online banking.
  • Has requested that online access be permitted from only one IP address.
  • Has purchased a cybercrime policy.
  • Has revisited its banking RFP to include a section regarding online banking security minimums.

Do you have a plan to help deter cybercrime?

The above scenario is just one of the countless cybercrimes that occur every day, and every type of business, entity and organization is being impacted. If you don’t have a plan in place to help prevent cybercriminals from infiltrating your network and stealing your data for financial gain, or a strategy to recover once a breach has been identified, you are in a very vulnerable position.

I believe that in order to protect against a cybercrime attack, it’s important to be armed with as much knowledge as possible. On Sept. 7, 2016, FBI Agent David Fine will be the featured presenter of part two of the Columbus Cybersecurity Series. During this portion of the presentation, attendees will hear real-life examples of attacks on businesses, including what schemes are prevalent today. Audience members will also discover the very real impact these attacks have on companies and what they can do to deter an attack from occurring in their own business or organization.

The Columbus Cybersecurity Series is free to attend, but registration is required. You can RSVP here.

By Joe Welker, CISA (New Philadelphia office)


Last Minute Tax Tips, Financial Stress and Cybercriminals …

Monday, May 2nd, 2016

April’s Top Posts Had Readers On Edge

So our month was pretty intense … how was yours? The good news is that we made it through another tax season; the bad news is that business owners are clearly still on high alert due to the continuous influx of hacker activity. Take a look at our top five blog posts in April for some useful tips and insight you can use all year long.

Top 5 Blog Posts For Business Owners In April

  1. Can A Cybercriminal Crack Your Company’s Network? Small and midsize businesses are not immune to becoming the target of a crippling cyberattack and without the proper procedures in place business owners risk the very real threat of a large-scale assault on their company’s data. Would you be able to recover if your organization was attacked?
  2. How Flexible Is Your Company’s Management Style? Never before has the American business owner had to manage a workforce consisting of employees whose ages span five generations. And because each generation is unique, your company’s leadership team is left with the nearly impossible task of adopting a management style to accommodate an incredibly diverse workforce. Keep reading to learn more.
  3. What Tax Liabilities Accompany Inherited Real Estate? So you just inherited some real estate. You’re probably now wondering – is this a blessing or a curse? From the tax perspective, of course. And that’s a good question to ask. Just because you inherit something doesn’t mean that you’re free and clear of any potential tax liabilities. How you use the property, and whether you sell it, will determine whether you have a taxable situation. So here’s what you should know about taxes and inherited real estate. Read on to learn more.
  4. Increased Financial Stress Hurts Your Company’s Bottom Line Earlier this month, in a proclamation that reiterated the importance of equipping everybody with the “knowledge and protections necessary to secure a stable financial future for themselves and their families,” President Obama declared April to be National Financial Capability Month. While the timing of the proclamation makes this a great time to raise general awareness about the importance of financial fitness, businesses have a great opportunity to educate their employees about the importance of financial wellness all year long.
  5. How Can You Track Use Tax in QuickBooks? Now that you have filed for use tax amnesty and are all set up with an account, how are you going to track it daily going forward? If you use QuickBooks, the answer is as simple as 1-2-3.

April was great, but we are excited to see what May brings. More tips for business success? More financial news and updates? Personal finance advice? Of course! Stay tuned.

Don’t want to miss a post? Make sure you have subscribed to our blog so you don’t miss a single post.


Cyber Crime: It Can Happen To You

Tuesday, December 1st, 2015

Phishing Scam Targets Tax Preparers To Get To Taxpayers


One thing you can do to help protect yourself from cyber criminals is to make sure your address bar reads “https” and NOT like the one pictured above. Read on for additional tips.

Fraudsters don’t take holidays. In fact, they tend to be more active this time of year because they believe we are more likely to let our guards down. I don’t intend to fall for any of their traps, and I encourage you to do the same.

It’s A Trap

We recently published a blog post with tips to help online shoppers protect themselves against some of the more common tactics used by cyber criminals. From click bait to phishing emails, every link, sponsored post and flashing banner ad is a potential threat and we encourage you to protect yourself at all costs.

For example, you likely receive regular electronic correspondence from companies, organizations and other reputable groups. In fact, you probably willingly provided them with your email address. You may even trust these contacts so much that you never think twice about whether their email is valid, and that’s what criminals are counting on. Nobody is immune.

Read Also: Who Is That Email Really From?

A current scam finding its way into inboxes across the country is targeting tax preparers. The email, which is supposedly being sent by the IRS, looks legit and includes the agency’s letterhead, logo and copyright language, among other information designed to add credibility to the piece. But there’s a problem – this email is not official IRS correspondence. Instead, it’s being sent by cyber criminals who are looking to capture usernames and passwords to gain access to taxpayers’ sensitive data.

We’re Not Falling For It

The American Institute of CPAs reached out to the IRS to verify whether the email in question is, indeed, a phishing scam. The government agency confirmed that the email was a scam and was quick to advise recipients to delete the message immediately.

This is just one example of a phishing scam in action. Emails like these are distributed every day and, oftentimes, they come from trusted businesses, organizations or people. As cyber threats continue to be rampant in our society, we must never allow ourselves to become complacent.

What You Can Do

Here are some tips to help keep you safe.

  1. Do It Yourself – Never click on hyperlinks found within the body text of the email – especially if you received the message from an unknown sender. If you do want to check the validity of an offer or content, manually type the URL into your web browser. Same results, less risk.
  2. ‘S’ For Safety – If confidential information is being traded, take a look at your address bar to make sure it reads “https” rather than the standard “http” to be sure the web page you are visiting is, indeed, secure.
  3. If It Pops, Run – Sometimes, the best and easiest strategy you can take to protect yourself from scammers is to configure your computer’s settings and buy and install the proper tools. We recommend disabling all popups, keeping your antivirus software updated, using anti-spam and anti-spyware software, and installing and maintaining a firewall. Cyber criminals are always looking for ways to get around these measures, but they still provide you with a great first line of defense.
  4. Watch Your Back With A Backup – We keep a lot of irreplaceable items on our computers and, to many, the thought of permanently losing their data, photos and other documents is terrifying. One way to take the power away from the scammers is to create and maintain a backup of your data – especially when considering the very real threat of ransomware. That way, if something were to happen, you wouldn’t lose these vital items.
  5. Education Is Power – These criminals are slick and they are always finding new ways to take what belongs to you. So, one of the absolute best ways to guard against an attack is to educate yourself on current cybercrimes, identity theft trends and tactics being used by fraudsters.

By Lesley Mast, CPA (Wooster Office)

Want to know more about what other threats are out there? Check out these articles:

Malware Threat Spreads To Smart Phones

Fraudulent Credit Card Transactions Will Become Merchant’s Problem On Oct. 1

How Much Is Your Data Worth To Criminals?


Malware Threat Spreads To Smart Phones

Wednesday, September 16th, 2015

According to the digital media analytics company comScore, between the months of December and March 2015, more than 187.5 million people in the U.S. owned smartphones. During that time, Google Android led the pack as the number one smartphone platform with 52.4 percent platform market share. In other words … that’s a lot of potential LockerPIN victims.

Would You Pay A Hacker’s Ransom If Your Phone’s Data Was At Risk?

Researchers and IT security experts from ESET, a global IT security company, recently announced that they had discovered a malware application that is designed to encrypt files and change PINs on Android devices in the United States. In return, victims are told to pay up, to the tune of $500. Only then will the hackers provide users with the recovery key.

If it continues to spread, this form of malware could result in a staggering number of victims. Once again we are reminded of how important it is to vigilantly protect ourselves against fraudsters who will continue to exploit such weaknesses in our technological infrastructure.


Read Also: Could Your Company Be Ransomware’s Next Victim?

Malware Goes Mobile

The malware, called LockerPIN, spreads via third-party applications that the user downloads to their Android device. Similar to the CryptoLocker and CryptoWall malware that has inundated users over the past several years, LockerPIN extends malware’s reach to the mobile user.

Originally discovered in Ukraine in 2014, the malware has been modified to the point that it is just now making its North American debut. Disguised as a system update, the application changes the user’s PIN to a random setting without their knowledge. The worst part? The only known recovery solution is to perform a complete factory reset, which will result in the loss of all your data.

Fair Warning

It’s only a matter of time before this malware progresses to the point of being able to infect all phones. In the meantime, there are actions you can take to protect yourself.

  1. Never download apps outside of certified app stores.
  2. Back up your mobile devices to your computer or to the cloud regularly.
  3. Do not grant administrator privileges to apps unless you truly trust them.
  4. Stay away from suspicious apps and sites.

By Joe Welker, CISA (New Philadelphia office)

Want to learn more ways to protect yourself and your business from IT threats? Check out these articles.

Who Is That Email Really From? Red Flags To Be Aware Of When Opening Your Email

Who’s Fishing For Your Data Today?

Could A Cyber-Attack Cripple Your Business In 2015?

Could Your Company Be Ransomware’s Next Victim?

Wednesday, July 8th, 2015

The malware known as CryptoLocker or CryptoWall continues to be a major concern for individuals and companies alike. So much so, that the FBI saw fit to issue a warning just last month and help raise further awareness about the threat.

According to the FBI, this Ransomware continues to evolve, which helps it evade users’ virus detection software – even if that software is current. Since April 2014, the FBI reported, there have been 992 reported incidents of CryptoLocker. These occurrences have resulted in losses of around $18 million.

Read Also: How Much Is Your Data Worth To Criminals?

The Threat Is Real

Ransomware is a computer infection that’s been programmed to encrypt all files of known file types on your local computer and your server’s shared drives. Once it takes hold, it’s all but impossible for you to regain access to the data that’s been encrypted. Once this happens, you have one of two choices. You can:

  1. Restore your machine by using backup media, or
  2. Accommodate the hacker’s demands and pay up.

As a direct result of my experience as an IT audit manager, I have been made aware of several situations in which businesses were left with no choice but to succumb to the demands of malicious cybercriminals carrying out Ransomware attacks. And while the companies I have worked with were eventually able to obtain their assailant’s decryption key and regain access to their data after the ransom was paid, others are not as lucky – after all, the FBI has reported $18 million worth of losses in just over a year. Furthermore, there are no guarantees that you won’t be targeted again in the future.

Preempt A Crisis

While there is no surefire way to prevent a Ransomware attack on your data, it’s wise to implement the following best practices to reduce the possibility of infection or reinfection.

  • Implement mandatory computer safety training for all employees, and put an IT Disaster Recovery Plan in place and test it.
  • Always use reputable antivirus software and a firewall, and be sure to keep both up to date.
  • Put your popup blockers to good use. Doing so will help remove the temptation to click on an ad that could infect your computer.
  • Limit access to your company’s data by ensuring that only a few employees have access to certain folders and data. You can facilitate this by conducting annual reviews of your company’s employee access rights.
  • Back up all company-owned content. Then, if you do become infected, instead of paying the ransom you can simply have the Ransomware wiped from your system and restore your files from backup once it’s safe to do so.
  • Never click on suspicious emails or attachments, especially if they come from an email address you don’t recognize. And actively avoid websites that raise suspicion.

Shut Down The Attack

If you are surfing the Web and a popup ad or message appears to alert you that a Ransomware attack is in progress, disconnect from the Internet immediately. Breaking the connection between the hacker and your data could help stop the spread of additional infections or data losses. In addition to informing your company’s IT department about the threat or occurrence, be sure to file a complaint with your local law enforcement agency.

Email Rea & Associates to learn more about the importance of your company’s online security.

By Joe Welker, CISA (New Philadelphia office)

Related Articles

Beware Of The Small Business Wire Transfer Scam
Could A Cyber-Attack Cripple Your Business In 2015?
8 Tips For Crafting A Strong Password

Hackers Target IRS – 100,000 Taxpayer Accounts Breached

Wednesday, May 27th, 2015

Just when you thought it was safe to let your guard down, cyber-criminals have blindsided us again. This time they’ve used the Internal Revenue Service’s “Get Transcript” application to gain access to approximately 100,000 taxpayer accounts.

Read: Could A Cyber-Attack Cripple Your Business In 2015?

The IRS released a statement Tuesday stating the government agency is “working aggressively to protect affected taxpayers and strengthen [their] protocols even further going forward,” after learning that hackers used “non-IRS sources” to access data, including Social Security information, dates of birth and street addresses associated with the accounts of nearly 100,000 taxpayers. The IRS said the security breach occurred when criminals gained access to its online Get Transcript application, which has since been shut down pending a full investigation by the Treasury Inspector General for Tax Administration.

According to the IRS, “the online application will remain disabled until the IRS makes modifications and further strengthens security for it.”

The data breach was limited to the Get Transcript application, said an IRS representative. The main IRS computer system that manages tax filing submissions was not affected and remains secure.

Reports state that the criminals were able to gain access to the accounts by obtaining information specific to certain taxpayers, which allowed them to navigate the Get Transcript authentication process, which includes asking the user to answer several personal questions to confirm their identity. The IRS said that, since February, there have been about 200,000 attempts to access taxpayers’ Get Transcript accounts from “questionable email domains” – of which about 100,000 were successful.

Expect to receive a letter in the mail if your account was one of the 200,000 accounts targeted. And if your account was one of those that were compromised, your letter will provide additional information, including specific instructions to access free credit monitoring services that will be provided by the IRS to ensure your data is not being used in other financially damaging ways. According to the IRS, the letters started going out this week.

Concerned about identity theft as a result of this breach? Click here to learn what to do if your identity is stolen or if your personal information is compromised.

If you are a business owner, do you have protocols in place to protect your business from a cybercriminal? Email Rea & Associates to learn how you can protect your business from a cyberattack. You can also get some useful tips and information in the related articles below.

By Lesley Mast, CPA (Wooster office)

Related Articles

How Much Is Your Data Worth To Criminals?
When Scammers Demand That You Pay Up, IRS Says You Should Hang Up
8 Tips For Crafting A Strong Password
How Do You Protect Yourself From Identity Theft?
