Category Archives for Uncategorized
Important FBI/DHS Warning: Update On FBI and DHS Warning: SamSam Ransomware
Important FBI/DHS Warning: Update On FBI and DHS Warning: SamSam Ransomware
The Department of Homeland Security and the Federal Bureau of Investigation issued a critical alert Dec. 3, warning users about SamSam ransomware and providing details on what system vulnerabilities permit the pernicious product to be deployed.
Illustration vector: SamSam ransomware flat design.
According to the alert, which came from the DHS’s National Cybersecurity and Communications Integration Center (NCCIC) along with the FBI, the SamSam actors targeted multiple industries—some within critical infrastructure—with the ransomware, which also is known as MSIL/Samas. The attacks mostly affected victims within the United States, but there was also an international impact.
As pointed out in the alert, organizations are more at risk to be attacked by network-wide infections than individuals because they are typically in a position where they have no option but making ransom payments.
“Organizations that provide essential functions have a critical need to resume operations quickly and are more likely to pay larger ransoms,” the alert states.
That does not mean individual systems cannot or are not attacked, but they are targeted significantly less by this particular type of malware.
How do SamSam actors operate?
Through FBI analysis of victims’ access logs and victim-reporting over the past couple of years, the agencies have discovered that the SamSam actors exploit Windows servers and vulnerable JBoss applications. Hackers use Remote Desktop Protocol (RDP) to gain access to their victims’ networks through an approved access point and infect reachable hosts. From there, the cyber actors “escalate privileges for administrator rights, drop malware onto the server, and run an executable file, all without victims’ action or authorization,” the report states.
RDP ransomware campaigns are typically accomplished through stolen login credentials—sometimes purchased from darknet marketplaces—or brute force attacks. Since they do not rely on victims completing a specific action, detecting RDP intrusions is challenging, according to the alert.
Ransom notes instructing victims to establish contact through a Tor hidden service are left on encrypted computers by the SamSam attackers. Victims are assured that once they pay the ransom in Bitcoin, they will receive links to download cryptographic keys and tools for decrypting their network.
Where did SamSam originate?
The Department of Justice recently indicted two Iranian men who allegedly were behind the creation of SamSam and deployed the ransomware, causing approximately $30 million of damage and collecting about $6 million in ransom payments from victims. The crippling ransomware affected about 200 municipalities, hospital, universities and other targets during the past three years, according to an article from Wired.
Keith Jarvis, a senior security researcher at SecureWorks, reiterated the sophistication of the SamSam ransomware and how it gains access to systems through weak authentication or vulnerabilities in web applications, methods that don’t require the victim to engage in a particular action. Hackers also go out of their way to target specific victims whose critical operations rely on getting systems up and running as quickly as possible, making them more likely to simply pay up.
What technical details about SamSam are important?
In the joint DHS and FBI report, the federal agencies provided a list, though not exhaustive, of SamSam Malware Analysis Reports that outline four variants of the ransomware. Organizations or their IT services administrators can review the following reports:
What mitigation and prevents practices are best?
In general, organizations are encouraged to not pay ransoms, since there is no guarantee they will receive decryption keys from the criminals. However, relying on a contingency plan or waiting out an attack, as advised by the FBI, is difficult when an entire operation has been compromised.
The best course of action is for organizations to strengthen their security posture in a way that prevents or at least mitigates the worst impacts of ransomware attacks. The FBI and DHS provided several best practices for system owners, users and administrators to consider to protect their systems.
For instance, network administrators are encouraged to review their systems to detect those that use RDP remote communication and place any system with an open RDP port behind a firewall. Users can be required to use a virtual private network (VPN) to access the system. Other best practices, according to the report, include:
- Applying two-factor authentication
- Disabling file and printer sharing services when possible, or using Active Directory authentication or strong passwords for required services
- Regularly applying software and system updates
- Reviewing logs regularly to detect intrusion attempts.
- Ensuring third parties follow internal policies on remote access
- Disabling RDP on critical devices where possible
- Regulating and limiting external-to-internal RDP connections
- Restricting the ability of users to install and run the unwanted software application
This just scratches the surface of actions that administrators and users can take to protect their networks against SamSam or other cyber-attacks. The National Institute of Standards and Technology (NIST) provides more thorough recommendations in its Guide to Malware Incident Prevention and Handling for Desktops and Laptops, or Special Publication 800-83.
Information technology specialists can also provide insight and advice for how organizations can detect gaps or vulnerabilities in their cyber-security that leave them susceptible to SamSam or other malware infections.
Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?
Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report
FTC Issues Warning After Marriott Data Breach
FTC Issues Warning After Marriott Data Breach
In late 2018, the Federal Trade Commission (FTC) issued a stark warning about a massive data breach at a Marriott chain that exposed the records of 500 million people.
The latest major corporate breach reinforces the need for companies to invest in multilayered security protocols that protect networks, devices and users.
What Happened at Marriott?
Marriott International reported that a breach of its Starwood guest reservation system exposed personal information on millions of people, Hackers gained access to highly sensitive data, including names, physical addresses, email addresses, phone numbers, gender, and loyalty program data. Among the most potentially damaging information taken were passport numbers, dates of birth and payment card numbers and expiration dates. While the payment card data was encrypted, the company did not know if the hackers had also stolen the technology needed to decrypt that information.
The breach began in 2014 and could affect anyone who made a reservation on or before September 10, 2018, at any of the Starwood brands, which comprise Le Meridien Hotels and Resorts, Sheraton Hotels and Resorts, St. Regis, W Hotels and Westin Hotels and Resorts.
How Did Marriott and the FTC Respond?
Marriott sent an email to warn those who may have been affected by the breach. However, the company ran into some criticism in its response, too.
The emails came from a third party and not the chain itself. The domain, email-marriott.com, doesn’t load or have an HTTPS identifying the certificate. That could lead other hackers to spoof the email and pretend they’re Marriott, duping consumers out of more personal information.
The company has offered a year’s worth of free internet site monitoring that generates an alert if evidence of a consumer’s personal information is found. However, the service is not available in all countries. U.S. consumers also can obtain free fraud consulting and reimbursement coverage.
The FTC encouraged consumers to check their credit reports and credit card statements for accounts or activity that’s not recognized. The agency also suggested placing a fraud alert or freeze on their credit reports.
What Can Companies Do To Prevent These Issues?
To ensure that your systems and networks are protected adequately from such intrusions, it’s wise to invest in a comprehensive assessment of your existing security defenses. An experienced IT services provider can assist with this assessment and recommend improvements to shore up areas that are lacking.
Today’s companies need a blanket of protections on several levels, including:
- Network Perimeters. Advanced firewalls block your network’s perimeter and issue alerts when suspicious activity is detected. With 24/7 automated monitoring in place, companies can be confident that unusual behavior is identified, contained and addressed before significant harm can be done.
- Devices. Every device on your network needs to be protected with advanced anti-virus, anti-spam and anti-phishing detection systems. These applications should run continuously in the background and be updated automatically to address emergent threats. By quarantining suspicious emails, these tools help prevent users from unwittingly providing access to bad actors.
- Authentication. Companies are increasingly using multi-factor authentication protocols to safeguard access. Multi-factor authentication, for example, may involve completing additional steps after entering a password, such as typing in a code texted to a registered mobile device or clicking on an email link. While these protections may be a minor annoyance to some users, if a device is stolen or lost, the procedures can keep access protected.
- Cloud Backups. Storing data and applications in the cloud helps keep your critical information protected. Cloud providers and managed IT services companies use both digital and physical safeguards to make sure that data is encrypted and accessible in a moment of need.
- Business Continuity. When a natural disaster or hack occurs, your operations can be offline for days or weeks unless you’ve planned ahead. Business continuity planning allows your company to develop the protocols and procedures that will be deployed during and after a disaster. This planning involves identifying the people and responsibilities to manage these events, developing risk assessments, testing the responses and making adjustments as necessary.
This broad approach to security helps minimize the likelihood of a Marriott-level incident damaging your company’s business and reputation.
Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?
Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report
Threat Advisory: SamSam Ransomware
Threat Advisory: SamSam Ransomware
SamSam Ransomware is becoming a massive problem for multiple industries across the United States. In fact, the problem is so big that The Department of Homeland Security, (DHS), National Cybersecurity and Communications Integration Center, (NCCIC), and the Federal Bureau of Investigation, (FBI), have all recently issued a US-CERT alert due to the SamSam ransomware. Like other types of ransomware, files and networks are infected. In exchange for uninfected the system, hackers want a ransom, that typically costs thousands upon thousands of dollars. Every company that runs a network needs to be aware of SamSam ransomware. Here is what you need to know about this topic.
What is SamSam Ransomware?
SamSam ransomware is a type of ransomware that is designed to exploit Windows servers to gain access to your network. Once it is in the network, it uses the JexBoss Exploit Kit to access your JBoss applications. This type of ransomware is also able to use Remote Desktop Protocol to access your network. The virus is difficult to detect, due to the path it takes to access your system. Once the virus has made its way inside, hackers are able to get administrators rights, putting their malware on your server and basically hijacking your network. They do not release their hold on their network until you pay them the ransom they are asking.
What Can You Do to Decrease Your Chances of Getting SamSam Ransomware?
It is extremely important that you take the correct precautions to decrease your chances of getting infected with SamSam ransomware.
One of the steps you can take is to enable strong passwords and an account lockout policy. If you have strong passwords and a good lockout policy in place, it makes it much harder for the software to hack into your system and infect it. Enabling multi-factor authentication can also help. Before any new software can be installed, before software can be wiped or before changes can be made to your network, authentication is needed. The more authentication levels you have, the harder it will be for any ransomware to infect your system.
Unfortunately, while you can decrease your chances of getting infected with SamSam ransomware, there is no way to prevent infection altogether. As such, it is essential that you regularly install system and software updates and maintain a great backup system for all of your data and systems. This way, if you do get infected, you have a recent back-up for all of your system and data. You can wipe your current, infected system and start fresh from your backup point, without losing much at all.
How Can You Learn More About SamSam Ransomware?
If you are looking to learn more about SamSam ransomware, including the technical details surrounding it. It is highly recommended that you read through the SamSam Malware Analysis Reports that have been released by the US-CERT. A list of the reports, including links, are included here:
- MAR-10219351.r1.v2 – SamSam1
- MAR-10166283.r1.v1 – SamSam2
- MAR-10158513.r1.v1 – SamSam3
- MAR-10164494.r1.v1 – SamSam4
SamSam Ransomware is infecting computer systems and networks in multiple industries all across America. It is important that you learn what this ransomware is and how to protect yourself against it. Taking the right action can help to minimize the chances of your network being held ransom by SamSam ransomware.
Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?
Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report
If You Don’t Think Cybersecurity Is Crucial – Listen To This
If You Don’t Think Cybersecurity Is Crucial – Listen To This
Small and mid-sized companies have a tendency to operate under the assumption that hackers target only more extensive operations. There’s a simple logic to that misconception that these criminals instigate cyber breaches that reap the highest possible reward. Nothing could be further from the truth.
Check out what Robert Herjavec and Scott Schober have to say on Cybersecurity. Click Here
While hacks into the Democratic National Committee and Equifax make big headlines, the majority of cyber attacks are carried out on smaller, vulnerable systems. Most hackers merely look for the low hanging fruit. If your small or mid-sized company has modestly valuable data and lacks top-tier cybersecurity, you are that low hanging fruit.
By 2020, upwards of 6 billion people globally and 283 million Americans are expected to utilize the Internet. That means businesses of every level will be fully engaged and it only takes two miscreants on another continent to breach your security.
Cybercrime has already reportedly outpaced the combined profits of all the major drug cartels in the world at $6 trillion annually. Unlike vast criminal organizations, two computer whizzes with laptops thousands of miles away can extract sensitive information without a company even knowing until it’s too late.
These days, stealing credit card info is not among the highest priorities. Cybercriminals have discovered that personal and personnel information can yield significant paydays. If you still don’t think cybersecurity ranks among the highest priorities for small and mid-sized companies, just listen to this.
Hacks Are Often Inside Jobs
It may seem counterintuitive, but a company’s most significant cyber threat can be found among the most valued employees. Staff members are not generally acting in a nefarious fashion. In fact, loyal employees are often just that, loyal. But a pervasive attitude exists in workplaces that checking in on personal social media, using various non-work related apps and platforms is both allowable and safe.
According to cyber security experts, upwards of 93 of all breaches that are investigated thoroughly trail back to an employee. Although that person is generally not the so-called “inside man” or “inside woman” regarding criminal intent, their nonchalant attitude about checking personal sites exposed the small or mid-sized organization to a massive data breach.
Many are merely duped by phishing scams or inadvertently infest a business system with malware. This could occur by synching an unsecured device, moving data on a USB drive back and forth between home and work, or surfing the Internet among other security missteps. While many business decision-makers believe their data is not at risk, it takes a cybersecurity professional to build a company-specific “human firewall” that reduces internal threats through actionable policies and training.
Small And Mid-Sized Organizations Held Hostage Everyday
No Third World drug cartel can compare to the volume of theft leveled by small-time hackers. Ransomware remains the top malicious software and ranks among the most lucrative type of cyberattack. This variety of malware targets business systems by penetrating them through a camouflage method of encryption. Once inside a business’ network, it quickly encrypts critical data and makes everything inaccessible to the organization.
The name “ransomware” was earned by what comes after. A defiled organization will likely get a notice to pay a certain amount — often in bitcoin — to get an encryption code allowing you to restore access to your own files. This hostage situation often proves fruitful for the cybercriminal because paying them off appears to be in the company’s best financial interest. Sadly, too many business leaders only move forward with advanced cybersecurity after suffering a feeling of helplessness and humiliation.
Underachieving Cybersecurity Protocols Prove Costly
A Verizon Data Breach Report reportedly concluded that upwards of 60 percent of all incursions during 2016 could be attributed to outside forces. These data breaches were considered instances of “hacking” by a third party’s intent to circumvent existing security measures. Hackers tend to seek out a company’s weakest cyber defense points to gain access.
In essence, this follows the adage that a chain is only as strong as its weakest link. Among the more notable instances of a weak-link failure was JP Morgan’s massive breach in 2014. Despite having a top-tier cybersecurity team in place, a single server was missed during a password update. That single under-protected server resulted in what was ranked among the top 10 worst cyber thefts in history. Approximately 83 million household and business accounts were reportedly impacted at a whopping $100 million.
While this level of cyber theft makes mainstream media headlines, hackers tend to have greater success penetrating smaller companies with far less sophisticated cyber security systems. The basic criminal business model relies on volume not occasional massive paydays. Think about it this way. The Brinks Job made bank-robbing history in 1950, but stick-up men knock off liquor stores every day.
Unpatched Security Bugs Attract Cybercrime Infestations
One of the more prevalent methods used by a hacker is to infiltrate your system in plain sight. Cyber thieves often use well-known software deficiencies commonly called bugs as a type of cracked door.
When software companies send out routine fixes such as patches, users have the option of making this repair. But when a system appears to be functioning appropriately, a small or mid-sized business may discard the effort as more of a nuisance than anything else. That could prove to be a fatal data breach mistake.
When systems linger unpatched, hackers may be quick to seize on specific vulnerabilities and infiltrate a company’s network. It’s important to understand that cybersecurity only seems like another time-consuming task that detracts from company goals. Anyone who uses computers, devices, software or accesses the Internet is inherently in the cybersecurity business. Without adequate cybersecurity systems, policies and protocols in place, the entire organization remains at risk.
Data Breaches Threats Represent A Clear And Present Danger
If you remain unconvinced about how crucial cybersecurity is to your business’ integrity, consider these telling facts. The U.S. government has placed the most significant emphasis on increasing only two areas of the military budget — special ops and cybersecurity.
Today, a person’s electronic medical records are more valuable than credit card information on the dark web. And, electronic ransoms are the fastest growing cybercrime and are expected to occur every 14 seconds by 2020. The question is no longer if a sub-par system will be hacked, it’s when
Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?
Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report
How Long Does It Take Your Law Firm IT Services Provider To Respond?
How Long Does It Take Your Law Firm IT Services Provider To Respond?
One complaint we get all the time at Parkway Tech is about slow response times—not ours, but that of other managed law firm IT service providers. Each week we get calls from firm administrators and attorneys who say their managed IT service provider just shows up when he feels like it. They want to know how fast we can get there when their servers and computers break down.
Since they’re paying good money for these technology services, it’s no wonder they’re upset. Would you pay for a service that you really didn’t get? Or that didn’t arrive as promised? Lots of managed IT service companies promise quick response times but few deliver on their promises.
In addition, “fast” is a relative term. Some companies might think that fast means responding within a few days, while at Parkway, we believe fast means responding within one hour.
Our standard response time is a 1-hour guarantee. However, according to my handy dashboard, we are averaging about 3.7 minutes for a first response to a ticket. Anything under 10 minutes is definitely fast in our business. But we don’t do this to show off; we do it because we understand that our customers have firms to run. Every moment they’re without their technology resources, they’re losing money.
Succeeding These Days Requires More
I believe that’s one of the reasons for our 10 years of success. We partner with our customers to ensure that they have IT support and services that will make it possible for them to excel in their industry.
If you’re looking for a computer repair company, we’re not the right choice for you. Our team approaches IT services with the idea that if we can keep your technology functioning optimally, then you can focus on growing your firm.
In the past, larger firms would hire a couple of in-house IT techs and they would fix computers and servers that broke down. Smaller firms would find someone, probably a single individual, to handle their computer problems and bill them by the hour. But there’s a whole lot more than that to managing your IT infrastructure. You need IT professionals who can monitor and manage your technology. They should be familiar with your industry and business.
That’s what you get when you work with Parkway Tech. If we see that you might benefit from some new type of hardware or software, we’ll recommend that you look into it. We’ll help you find the best technology to handle your firm’s processes. Our team does a lot more than just fix computers. We can help with everything from training employees to recommending new software applications.
Operate at Maximum Efficiency
When you have a proactive team on the job, you’ll notice that your technology won’t break down as much. It will operate at maximum efficiency and your employees will get more done in a day’s time. You’ll avoid costly break-downs that slow or stop your forward progress. Yes, this type of IT support does cost a bit more, but you benefit in many ways that you don’t see right away.
Stay on the Cutting Edge of Technology
The days are gone when attorneys can scrape by with bottom-of-the-barrel computer support that’s cheap. With technology playing such a big role in today’s modern law firms, your firm will profit if you’re on the cutting edge of new discoveries like Artificial Intelligence and Machine Learning.
Inexperienced technicians may seem like the least expensive way to go but their lack of experience will cost you in the long run. Plus, of course, if you have employees sitting around for two days waiting on the break/fix company to come out and fix a server, then there’s no way to calculate how much that actually costs you.
With Parkway Tech on the job, you’ll get a team of real IT professionals who respond within one hour.
If you need help with the purchase of new software and hardware, we’ll save you some time and money. We have lots of experience with all types of technology products and that experience will save you some stress as well.
You need the best solutions for your business, and we’ve done our homework to ensure that you get the right IT solutions to support your goals and your growth.
90 Day Guarantee
Our 90 Day Guarantee is simple: You have 90 days to try our IT support services. If we aren’t worth every penny that you’re investing, we’ll refund your money – all of it. You’re not going to get that kind of guarantee from a fly-by-night computer repair “guru” or your brother’s cousin who tinkers with computers.
Fast and Furious!
In this day and time, the world does seem to move a lot faster than ever. And if you can’t keep up, then you might be left behind in the dust. But with Parkway Tech handling all your IT infrastructure, you can compete with the best of them.
Parkway Technology Solutions will get there fast and we’ll do the job right. You can’t ask for more than that.
In the meantime, it’s important for you and your employees to stay up-to-date on technology. We’ve provided some articles on our Law Blog that you should find interesting. Here are a few to get you started:
4 Tips For Working Securely On Wi-Fi
Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?
Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report
Marriott 500 Million Person Data Breach (Questions/Answers)
How Marriott Got Caught In A 500-Million Person Data Breach
Were You Affected? (Your Questions Answered)
What Do We Need To Know About The Marriott Breach?
Another big corporation got hooked. This time it was Marriott International. They just revealed that their Starwood reservations database of 500 million customers was hacked and that the personal information of up to 327 million guests was stolen. And, this has been going on since 2014!
How Did This Happen?
- On September 8, 2018, Marriott was alerted about an attempt to access the Starwood guest reservation database.
- They contacted leading security experts to help them determine what occurred. Marriott said that the hacker copied, encrypted and removed their customers’ data.
- On November 19, 2018, Marriott was able to decrypt the data and learned that it was from the Starwood guest reservation database.
Marriott acknowledged that the encryption security keys for this data may have fallen into the hands of hackers. This allowed them to access the massive amount of data. Secure systems lock up data and should store the encryption keys in a location that’s separate from the confidential information.
Some good questions to ask here are:
“How did the criminals get Marriott’s encryption keys?
“Why did it take so long for Marriott to reveal the breach?” They learned about it in September which is over two months ago.
And, this was a 4-year long breach! “Why didn’t Marriott know that their customers’ data was being stolen over this long period?”
Maybe we’ll find out the answers to these questions, and perhaps not. What’s for sure is that you are on your own when it comes to protecting your confidential data.
How Do I Know If My Data Was Stolen?
If you are a Starwood Preferred Guest member and your data was stored in the Starwood property’s database (which includes Sheraton, Westin and St. Regis hotels, among others) you need to be on alert.
As mentioned, this data breach goes all the way back to 2014 and includes names, passport numbers, email addresses and payment information for approximately 327 million travelers – a “big catch” for any hacker. Even your date of birth, gender, reservation dates and communication preferences may be included in the breach.
Should I Contact Marriott?
Marriott set up a website and call center for customers who were impacted by the data breach. Email notifications are also being rolled out.
Marriott is also offering affected customers the option to enroll in WebWatcher free of charge for one year. WebWatcher monitors internet sites where personal information is shared and generates an alert if your personal information is found. If you live in the U.S., you’ll also be offered fraud consulting services
What Else Should I Do?
If your data was stolen, you should observe for incidents of identity theft. Also, watch for phishing emails where hackers try to impersonate someone you trust to take information or money from you.
Arrange For Security Awareness Training For Your Employees
If your business data was involved, make sure that you arrange for Security Awareness Training for your employees to train them to recognize phishing attempts. This includes:
- Baseline Testing to assess the Phish-prone percentage of your employees through a free simulated phishing attack.
- Training For Your Users with content that includes interactive modules, videos, games, posters, and newsletters.
- Simulated Phishing Attacks that utilize best-in-class, fully automated, simulated phishing attacks, thousands of templates with unlimited usage, and community phishing templates.
- Reports with statistics and graphs for both training and phishing for your management to review.
Whether your business was involved in the breach or not, Security Awareness Training for your employees is always a good idea.
Another good idea is to sign up for Dark Web Scanning Services.
Get Dark Web Scanning For Your Confidential Business Data
The Dark Web is a secret internet society that’s only accessible to a select group of criminals. Criminals use it to take stolen data (like the Marriott/Starwood customer information) and dump it on the black market for sale.
Dark Web Scanning is a sophisticated monitoring solution that helps businesses of any size detect cyber threats that expose their stolen business accounts, email addresses, payment information, and other confidential data that’s on the Dark Web. It also does this in real time and detects any of your compromised credentials or information before criminals can use it for profit or other crimes.
Don’t Count On The Marriott’s Of The World To Protect Your Business Data – You Must Do This Yourself
Contact us for information about Data Protection, Security Awareness Training and Dark Web Scanning. We have a Suite of IT Security Solutions to help you keep your business data secure.
Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?
Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report
6 Tips To Ensure Third-Party Security
6 Tips To Ensure Third-Party Security
Businesses of all types and sizes today must navigate a complex matrix of vendors and partners. In many cases, there is frequent sharing of data, including sensitive and proprietary information, that could be problematic if hacked or stolen.
The advent of new technologies, including the Internet of Things, automation and cloud systems, make for the collection and sharing of information more accessible than ever before. However, the increased volume, accessibility and transfer of data creates problems and added risk for companies. To help companies protect information and minimize the risk of data theft, here are 6 answers to common third-party security questions.
1. How Can I Assess My Company’s Data Security?
The place to start is with an internal audit of your system. Which vendors have access to which data? How are they connecting to your networks and what can they access?
It’s smart to map your third-party partners, understanding who they are, how they access data and what data they can access. Make sure third parties only can reach information that is necessary. Often these audits can detect access that was given long ago to third parties that no longer should or need to have access.
2. What Can I Do to Assess My Third-Party Partners?
There are basic things you can do to ensure that third parties have the right safeguards in place when using your data. Asking for copies of their data security policies and audit results is an excellent place to start. If there are practices or results of concern, you can ask for more details. Some companies require their vendors to undergo a thorough security audit with detailed questionnaires or independent verification of processes and systems.
The practice is not just good business sense. Many new regulatory mandates, including the European Union’s General Data Protection Regulation (GDPR), require companies to ensure that third-party vendors are also compliant with the appropriate requirements.
3. What Foundation Do I Need to Data Security and Third Parties?
Be sure your organization has clear policies and procedures that govern data access and security related to third parties. Policies should be evaluated regularly to reflect new technologies or practices.
4. Who Is Responsible for Data Security?
Often, risk ownership can be a gray area as companies exchange data, update it and enter it into each other’s systems. A risk assessment matrix should be created that defines and tracks data within your corporate ecosystem. The matrix should include:
- Vendors, partners, customers and subcontractors throughout your supply chain
- Classifications of each third party based on how they interact with the organization
- Risk types mapped to each third party
- Risk levels assigned to each vendors’ assigned risk types
This exercise allows you to build a comprehensive risk assessment model to inform decisions, policies and access.
5. What Technologies Can I Use to Help With Security?
Ultimately, control rests with your organization. You can control the parties with access, the types of access, and the assets that can be accessed. Here are some tools to deploy to assist with that control:
- Encryption is effective in protecting data stored in your systems and transmitted to other parties. Encryption need not be applied to everything, but high-risk information merits investment in encryption tools.
- Two-factor authentication is another consideration. If you use multi-factor verification tools for internal access, you most certainly should do the same for external access.
- Risk-based authentication goes a step further. Rule-based access, such as only allowing access from a particular domain, can be incorporated into your security plan. If an access request does not meet the pre-defined rules, additional authentication layers are applied.
- Monitoring networks is a wise move. Monitoring what is accessed and by whom allows for a better understanding of information transfer. Firewalls that inspect data packets and issue alerts when unauthorized data are in play help prevent unwanted extrusion.
6. What Documentation Does My Company Need?
When you’ve determined your guidelines, policies and rules, be sure to put it in writing. Make it a part of your new contracts and insist on amendments to any existing agreements with third parties. Contractual guidelines help to protect companies from litigation as more plaintiffs go after multiple parties in the case of a data breach.
Not all contracts need to be the same when it comes to data access provisions, although it is good practice to establish a baseline of minimum requirements in all applicable third-party agreements.
With the growing threat of cyber attacks, an active approach to data security is a way for organizations to mitigate risk and ensure that data stay in the right hands.
Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?
Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report
Top Data Breaches In The First Half Of November 2018
Top Data Breaches In The First Half Of November 2018
Data breaches never fail to stay at the top of news headlines, and these are news headlines that should be highly regarded if you are a business owner. According to the ID Theft Center, there were at least 1,579 breaches, which was a 44.7 percent increase from the year before.
A Look at Early November 2018 Data Breaches
The astounding uptick in data breaches is expected to continue as a trend for 2018, and the first half of November 2018 has already shown multiple problems. Take a look at some of the breaches that have occurred already in November for 2018.
Ontario Cannabis Store/Canada Post
The legalization of cannabis across the country in Canada brought about a lot of prickly, unfamiliar situations for consumers and business owners. However, to worsen matters, their new and booming industry took a hard hit because of a massive data breach during the first part of November. The data breach was in the form of a hacker who managed to get into Canada Post’s delivery tracking tool.
Customers who had purchased cannabis for mail delivery from Ontario’s Cannabis Store had their information exposed. This data risk is considered severe because those in the up-and-coming cannabis business in the country could face concerns with consumers about the privacy of their personal information. This data breach affected as many as 4,500 customers.
HSBC Bank USA
Domestically, a significant data breach with one of the top names in banking left financial institutions and consumers alike a bit fearful. HSBC Bank had multiple customer accounts compromised. To date, the number of accounts compromised and customers affected has not been disclosed. Nevertheless, this has been considered a severe data breach because the data taken can be severely damaging to consumers who hold accounts at the institution.
The risk to related businesses because of this kind of breach is pretty massive. Banking customers place money in their accounts because they trust the institution will keep it secure. This kind of data breach with one of the world largest banks does not fare well in the minds of consumers; it only lessens their overall faith in banking systems as a whole. So far this year, financial institutions have taken a hard hit.
Other Data Breach News Around the Globe for November
Pakistan had an epic fail in November with hackers managing to get the account information of at least 8,000 banking customers. This data breach didn’t just affect one bank; it actually affected customers from ten different banks across the country. The stolen data has already shown up on the Dark Web as records for sale for prices between $100 to $160 per record. So far, the cybercrime division in Pakistan has found more than 11,000 records.
Noteworthy Data Breaches So Far in 2018
The new November 2018 data breaches are added to a growing list of breaches that have already occurred for the year. Facebook was perhaps one of the most publicized data breaches for the year. In April of 2018, at least 87 million records were breached, and it’s most probable that there were far more. Orbitz also had a considerable catastrophe when travel booking accounts were hacked, leaving something like 880,000 customers’ payment cards exposed.
Data Breaches in 2017
Numerous businesses in the past have had problems with data being compromised, especially in 2017. There were at least 16 data breaches for major retailers, according to Business Insider, including Macy’s and Adidas, to name a few. Sears even had a data breach in April that affected at least 100,000 customers who had their credit card information compromised. Restaurants were also hit with data breaches in 2017. Sonic and Panera Bread were two of the most noteworthy.
So far this year, the numbers of data breaches have exceeded those in 2017 by a long shot, which just shows how much of a risk data breaches are continuing to be in spite of considerable efforts to stop them. All business owners should amp up their security efforts and keep a close eye on data, so it is rightly protected.
Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?
Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report
14 Ways Small Law Firms Tackle Cyber Threats
14 Ways Small Law Firms Tackle Cyber Threats
Law practices manage volumes of sensitive client information, and they’re attractive targets for hackers. Opportunistic cyber-criminals are especially drawn to smaller and medium-sized law firms and other organizations where they are more likely to find IT systems that are less well protected.
Protecting attorneys and their clients, prevention of intrusion by phishing, email hacking, ransomware, spyware, sensitive data leaks, and other security issues is the focus of Managed IT Services for law firms. Below is a list of 14 ways to protect your firm, clients, and employees from cyber-threats, and other essential information to help you improve IT security for your law firm.
14 Tools for Data Protection
Keeping small law practices secure from cyber threats involves taking the necessary measures to reduce risk in some areas of a firm’s information technology. Risks include breaches to data confidentiality, data loss, and downtime due to hacking, virus and other disabling IT network events.
As part of an evaluation of your firm’s current level of cyber-security, an assessment of your methods of storing and transmitting sensitive data should be performed. Essentials include:
- Strong passwords that are automatically prohibited from reuse
- Multi-factor authentication at all points possible
- Hard drive and backup drive encryptions
- Password protection on sensitive document
- files Email attachment encryptions
- Avoiding discussing sensitive issues in non-encrypted emails
- Secure data storage (either certified GDPR-compliant cloud-based, or on-premises)
- Faxing secure documents using a standard fax machine, not e-faxing
- Diligently maintaining awareness of whether or not you are using an https site
- Routine staff training on identifying phishing and (“spear phishing”) other cyber-threats
- Execute routine backups
- Retain e-filing receipts from the court and confirmation emails
- Keep software updated
- Have an independent IT systems threat assessment
The Most Common Ways Cyber-Criminals Penetrate Network Systems of Law Firms
1. Phishing / Email Hacking
Today’s attorneys and staff use email, as well as shared document workspaces like DocuSign and Dropbox, which connect users’ email accounts. Meanwhile, hackers are busy developing their phishing methods to access these and other online accounts of law firms.
- Example:Hackers have designed their color schemes and graphics to mimic login screens.
- Example: A phishing trick at least one hacker has used to gain access is emailing requests for law firm employees to log in to online document storage and view a file.
- Example: Hackers have sent fake PDF files that appear to be from a law firm. When the recipients clicked on the documents, they were redirected to the hackers’ phishing site.
After a phishing attack, the first step is to quickly change all passwords for email accounts, and file sharing services or other online tools connecting the firm’s email accounts. Employing a two-factor authentication process adds an extra layer of security.
If clients’ information has probably been compromised, then the firm must inform them.
Law firm employees must be vigilant about identifying fake email requests. Cyber-criminals are becoming more sophisticated all the time in creating them.
2. Ransomware
Hackers using ransomware sometimes succeed in locking down files or computer systems and forcing their owners to pay to regain control of them.
- Example: A hacker has threatened to use wiper-ware to delete files if money was not paid promptly.
Law firm employees who receive threats that files will be deleted if money is not received quickly enough should not pay the ransom. Instead, report the incident immediately and work with IT experts in file recovery.
3. Data Leaks
Law firms with weak policies on information security are at increased risk of having sensitive information being made public by hackers.
- Example: A hacker may acquire law firm client’s or employee’s confidential information and broadcast it, perhaps on Twitter through a folder./li>
Artificial intelligence (AI) software may be used to help isolate weaknesses in a law firm’s IT network and identify various user behaviors that can make hacking more likely to occur.
Legal Malpractice Charges Due to Insufficient Computer Security in Law Firms
Law firms have a significant responsibility in keeping their voluminous confidential files secure, whether their information storage is on premises or in the cloud. Allegations of legal malpractice have become a problem for firms found operating without adequate file security measures in place.
- Example: A firm that had not been hacked was accused of allowing a client’s information to be exposed through vulnerabilities in the network, and received notice to prioritize cybersecurity.
The ABA’s 2017 Legal Technology Survey revealed that 22% of law firms had either been hacked or had data breaches during that year. That percentage is up from previous years.
Parkway Tech, Winston-Salem NC
Parkway’s team of North Carolina network security experts afford local small to medium-sized law firms state-of-the-art cyber-security to protect data, files, systems, and attorney’s reputations. The centerpiece of Parkway’s Managed IT Services for law firms; our legal IT specialists focus on implementation, monitoring, and management of your network and IT systems security. We apply maximal preventive measures to block existing and ever-emerging and evolving cyber-threats.
For More Information About Cybersecurity For Law Firms
For more information about IT security for legal practices, contact Parkway Tech at (336) 310-9888 any time, to schedule an appointment with a legal IT Managed Services specialist. Ask for a no-obligation systems assessment.
Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?
Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report
What Can You Do When You Don’t Trust Your IT Guy?
What Can You Do When You Don’t Trust Your IT Guy?
Have you ever needed to fire an employee you didn’t trust who had access to your company’s confidential digital information? Yes, this is scary. But when it’s your IT guy, it’s a nightmare!
Can You Trust Your IT Guy?
Have you ever needed to fire an employee you didn’t trust who had access to your company’s confidential digital information? Yes, this is scary. But when it’s your IT guy, it’s a nightmare!
This is what happened to a law firm in the Triad.
They had to let their onsite tech go. He had been in charge of managing and securing all of their technology, including clients’ confidential data. But the firm’s managers became suspicious about some of the activities the tech was involved in. They no longer trusted him. The only thing they could do was ask him to leave.
Now they were concerned that he would try to retaliate and hack into their system. They needed help and contacted us.
What Did We Do To Keep Him Out Of Their IT System?
As experts in Legal IT, we know how important it is to ensure the security of private data. If the tech hacked into their system he could steal their clients’ data. This would ruin their practice and put them in jeopardy of noncompliance.
We couldn’t let this happen, so we immediately:
- Technology Planning,
- Solutions that align with your budget and increase your operational efficiencies,
- Business Continuity and Disaster Planning,
- Expert Security Planning,
- Cloud Solutions that save you money, eliminate storage issues, and can be scaled to meet your specific requirements,
- Spam and Email Protection,
- And more.
Doesn’t it always seem like technology fails you when you need it most? When this happens it’s imperative that you resolve these problems and resume normal business operations as soon as possible—Time is money. It can be precarious to be so dependent on technology, but without it you just can’t compete today.
Few small businesses have either the required skills or the time to maintain and repair computers, networking equipment, or other technology. And, they can’t afford to hire dedicated, full-time employees to deal with IT maintenance. Even if they could, there isn’t enough need for a full-time expert.
So, what do they do? They try to “fix” things themselves. They find the most tech-savvy employee to double up on their duties and deal with hardware procurement, software licensing, and day-to-day IT troubles.
Trying to resolve and keep up with inevitable technology failures is no longer a simple matter. And as your business has grown, you’re probably using computers and network equipment from a variety of dealers. So, getting the support you need is more difficult.
Plus, you have to manage warranties, support contracts, and deal with finger-pointing between vendors when problems occur. Doing this on your own can be like a volcano waiting to explode. Below the surface are IT issues and vulnerabilities that can cause big problems down the road.
Do you rely on your non-IT employees to deal with technology problems? If so, it’s best to let them stay focused on their duties, and enlist the aid of expert IT support. The time and resources dedicated to managing technology problems can negatively impact employees, their stress levels, and ultimately, your customers.
The smart thing to do is to outsource your IT support to a company that makes sure all your technology stays up and running. They should be experienced in maintaining and troubleshooting desktops, laptops, servers, and network hardware. And they should have the knowledge and skills to keep things running smoothly and securely.
Large enterprises address this problem by hiring the right people for the job. They rely on experts for what they need: marketing, accounting, legal services and more. They know to leave the technical responsibilities to the experts.
If you’re worried about the cost, don’t be. The cost of outsourcing IT service and support will pay for itself because your tech issues will be addressed quickly and correctly so you can continue to focus on meeting your customers’ needs and growing your business.
Plus, you can get all your IT support and management for a fixed monthly price. A fully managed program is the best solution for small businesses, and provides the most reliability, security and quality of service. You’ll have 24×7 access to IT assistance from technicians who will provide both remote and on-site support with guaranteed response times to prevent downtime and ensure your business stays up and running.
All aspects of your network will be monitored and maintained: security, data protection applications and hardware. This optimizes your network’s performance, so it will work at peak efficiency to meet the demands of your business.
Your IT expert can also act as your CIO and IT Advisor, and help you with:
Your time is important. You have more important issues to deal with than IT problems. Outsourcing your IT support and service allows you and your employees to focus on your duties, and grow your business.
Parkway Tech
Our Fully Managed IT Service is the ideal solution for small businesses like yours in Winston-Salem, High Point, & Greensboro. We know how hard you work to afford your technologies, and we’ll ensure you get the most from them. We’ll offer the value you need, and protect your technology investments.
Just ask our clients: We provide the utmost in network reliability, security and quality service. For a free, no-obligation assessment of your IT needs, call us at 336-310-9888 or email us at: sales@parkwaytech.com
Can Your Legal IT Services Firm Keep Law & Order With Your Practice’s Technology?
Learn how Parkway’s Legal IT Services helps firms across North Carolina achieve better results.
Click Here
Download Our Free Report