LSeven Solutions Blog

Students generally love it when classes are cancelled for whatever reason, but thanks to a cybercriminal group called TheDarkOverlord Solutions, a school in Flathead Valley, Montana was disrupted for an extended period of time. This downtime resulted in a disruption of operations for over 30 schools, as well as the threat to the personal information of countless teachers, students, and administrators due to a ransomware attack.

Dealing with disasters are a part of doing business. You know how difficult it is to recover from a devastating flood or storm. While businesses tend to suffer from these situations, countless individuals suffer every time a natural disaster hits. Just take a look at the United States in recent weeks. Even though you may want to donate to people suffering from hurricanes, there are illegitimate charities out there that want to make a quick buck off of your generosity.

If fiscal reasons have stopped you from securing your network against ransomware thus far, you may want to reconsider your strategy. Not only are attacks still becoming more and more prevalent, but the developers of ransomware have lowered the price of admission for aspiring cyber criminals. Fortunately, there are some steps you can take to keep your business protected against a ransomware attack.

In a bizarre reminder of why security best practices are so critical to the world of IT, it has been reported that one of the largest collections of hacked and stolen login details are currently making the rounds in the Russian black market.

Any business that deals with online technology needs to be aware of the dangers that come with the territory. Hackers are more common nowadays than ever before, and organizations that don’t take a proactive approach to keeping threats out of their systems will have to suffer the consequences. Unfortunately, some organizations won’t be aware that they’ve been hacked until it’s far too late.

2015 was a brutal year for major corporations, as one by one they fell victim to hacking attacks. Major organizations like Blue Cross Blue Shield, Anthem, and even the United States Office of Personnel became victims of major hacking campaigns. A fact that’s often lost amongst these details is that not all hackers use their skill for evil actions, even if they are still illegal.

Let’s say you get an email from a close friend. It looks like it’s legitimate, until you check the contents of the message. It’s an advertisement, or it’s trying to get you to click on a link to see something “important.” Regardless of what the content of the message is, you should probably slap that bad boy in the Spam section of your email inbox. You’ve just been the target of email spoofing, and it’s more common than you might think.

One of the most masterful arts of deception that hackers use is the phishing attack, which attempts steal sensitive credentials from unwary victims. The anonymity afforded to criminals on the Internet is what makes this possible. Using phishing attacks, hackers attempt to steal credentials or personal records by forging their identities. What’s the best way to protect your business from these attacks?

As mentioned, there are other types of malware that target ATMs almost exclusively, including a backdoor called Ploutus. Just like GreenDispenser, Ploutus originated in Mexico, and allowed criminals to steal money from ATMs by sending commands through the PIN pad or through a keyboard. Later versions allowed hackers to send a text message to the ATM to distribute cash. While this ATM malware originated in Mexico, it’s suggested by Ploutus’s English localization that it was designed for use in other countries.

Basically, when your accounts are hacked, criminals will often attempt to sell this information on the Dark Web; a place where only those on the anonymity network, Tor, can access. Most information that’s stolen consists of personal identifiable information and financial data, but hackers will often be content with making off with anything they possibly can. The most common industries targeted by these hackers are healthcare, government, retail, and education, but it should be mentioned that all businesses are susceptible to data theft of any kind.

The chances are actually very high that your organization will be targeted if you don’t take action to stop it. Here are three reasons, according to StaySafeOnline.org, that the small business is a key component of a hacker’s hit list.

Small Businesses Are More Exposed
While large enterprises have the funds and personnel available to enact strict security protocol and regulations, the small business doesn’t. Instead, they rely on their staff’s limited knowledge of cybersecurity to protect their data. It’s reported that 71 percent of security breaches are small businesses, which you wouldn’t be able to tell from the attention given to recent high-profile hacks, like Target and Sony.

Small Businesses Have Sensitive Data
Believe it or not, it doesn’t take much to attract hackers to a business. They understand the true value of data, and even a few credentials or records are enough to attract unwanted attention from these criminals. The typical small business has employee records that hold personal information, financial records like credit card numbers, and some even have health records on file that are in high demand. Hackers take this information and sell it on the black market, which make it a lucrative source of revenue for criminals.

Small Businesses Are Vulnerable to Phishing Attacks
Hackers don’t want to take any risks that they don’t have to. Small businesses are often targeted by spear phishing tactics, which is when a hacker attempts to steal credentials by posing as someone with authority. Hackers will often take on the identity of an organization’s IT technician or vendor in order to acquire credentials for internal network access. This, in turn, leads to hacking activity that’s difficult to trace, and is ultimately much safer than other hacking methods.

The good news about these common weaknesses and shortcomings of small businesses is that it doesn’t have to be challenging to protect your business from hackers. All it takes is some proactive monitoring and a quality security solution from L7 Solutions. By actively monitoring your organization’s network for potential weaknesses in your infrastructure, it becomes much more plausible to keep threats out of your system. Hackers love to take advantage of weaknesses in the source code of operating systems and applications, but if you apply the proper patches, you can dramatically increase your network’s security presence.

Similarly, you want a quality security solution, like a Unified Threat Management (UTM), which can protect your network from all manners of threats found on the Internet. By blocking threats through a combination of a firewall, antivirus, spam blocker, and content filter, you can keep dangerous entities out of your network and destroy those that make it through your defenses. Give us a call at (954) 573-1300 to learn more.

Ransomware is one of the most devastating computer viruses in today’s computing landscape. You may have heard of one of its most famous variations, Cryptolocker. It received a lot of attention when it dramatically hit the scene two short years ago. Thankfully, the threat from CryptoLocker has decreased after the GameOver Zeus botnet was taken down last year. Although, now we’ve got a new, more contagious strain of this ransomware to deal with known as Cryptowall.

For argument’s sake, do you think society today relies too much on technology? In the Information Age, both businesses and governments have to be more careful than ever about how they approach cybersecurity. However, what would happen if a massive cyber war were to render any and all computing systems in the United States inert? Granted, such a powerful, in-depth attack is unlikely, but it’s sometimes fun (and frightening) to examine the worst-case scenario.

The Internet is up to its ears with threats and hackers, but some of the most annoying malicious entities are bots. These are systems which can gather information from all kinds of sources. While some aren’t malicious in nature (think SEO bots which gather data from websites), there are those that aren’t so innocent. These tend to fall into the hands of hackers and attempt to steal information or send spam.

This holiday season might leave technology and entertainment supergiant Sony with nothing but a big lump of coal in its stocking. In a high-profile hack, hackers continue to leak Sony’s employees’ sensitive information like Social Security numbers, passports, and even personal emails. This is obviously an issue for the company, but so is its lack of IT security, as shown by their passwords being stored in a folder named “Passwords.”

Hackers come in all shapes and sizes, with varied levels of skills to boot. The generic garden-variety hacker will probably only try to hack your email and send spam, or steal your personal information. However, there are much worse threats out there, like APT hackers. This week, we’ll cover how you can spot these wolves in sheep’s clothing.

Hackers are mysterious. Not much is known about them - until they get caught, at least. But until the divine hammer of justice is brought down upon them, they will continue to stalk the shadows and wait for us to unknowingly hand over our personal information. What they don't want you to know is that they generally act according to a few particular variables, and that it is possible to avoid their pitfalls.

The latest threats can put a damper on your business plan and put your company at risk. Therefore, it's only natural to protect yourself from them. This new threat in particular, Cryptowall 2.0, has the potential to do plenty of heavy-duty damage to your business's network, if given the opportunity.

Hackers are always coming up with new, unprecedented methods of hacking unsuspecting victims. Despite their best efforts, technology professionals have managed to keep up with threats, but this only forces threats to continue to innovate. In fact, some hackers are even capable of using radio signals to hack into an unconnected device and steal confidential corporate data.

All of the security breaches and vulnerabilities of 2014 sure have made for an interesting year; first Heartbleed, then the Internet Explorer vulnerability, GameOver Zeus, and the Russian password-stealing gang. In light of these events, you really have to ask the question, "how can we fight these threats?" Symantec has told The Wall Street Journal that they feel antivirus technology is "dead."