12 Ways To Contain the hack, stop the bleeding & eliminating the threat

Hey YOU, SMB, yeah I’m talking to you. There are a number of things that you can do to not only protect your personal information, but also the information you have in your business:

  1. Hire a professional It is entirely possible the small business was hacked because they did not employ technicians to prevent it in the first place. Therefore 3rd parties that specialize is security and breach mitigation should be contacted immediately.  These IT security professionals specialize in containment. Their role will be to forensically determine the nature of the compromise, remove the vulnerability, update any necessary hardware and software, and ensure a breach such as this does not happen in the future.
  2. Disconnecting every affected device from the Internet temporarily The purpose here is to stop any data from leaving the network and to prevent the hacker from communicating with the server. This may mean disabling internet connections or physically unplugging the internet from connected devices
  3. Change and reset passwords – Many hacks begin with compromised passwords. And the moment a network or device goes back online the hacker will log back in unless all credentials have been changed and updated.
  4. Update all software – Begin by scanning all hardware and software with anti-virus programs and removing viruses. Vulnerabilities are often due to outdated software or operating systems riddled with flaws. Updating with critical patches eliminates these threats.  The breached party should have redundant networked hardware systems in place, backed up data, contingency plans to put duplicate systems online immediately in order to maintain operations.
  5. Update your Companies Hardware– Old outdated hardware simply can’t keep up with the requirements of newer robust software or the security software required to keep networks secure.
  6. Back Up All of Your DataYou have to make sure that you are regularly backing up data to a secure location. This data should also be encrypted.
  7. Manage All IdentitiesYou also must make sure that you are managing identities and access to accounts. You must do this across the board, as just one account being accessed could make you or your network extremely vulnerable.
  8. Use Conditional AccessAdditionally, you should make sure to use conditional access that is based on factors such as location or device.
  1. Utilize Multi-Factor Authentication – You can use multi-factor authentication to keep accounts protected, too. You can use this on its own, or with other conditional access methods to ensure those who are trying to access your data are legitimate.
  2. Security Awareness Training– Assuming employees know what to do and more importantly, what not do, is risky. Providing effecting ongoing security awareness, and in the authors opinion “security appreciation training” is partnering with employees to protect the network.
  3. Patching – Set up a system so that you can always ensure that your hardware and software is always patched and updated on a regular basis. This helps to keep your data safe.
  4. Align Your IT Security with Other Business Security – Those who are in the IT industry often feel as if they are struggling to keep up with changing technology, including security tech. The success of a business is based on keeping it secure, and by keeping all types of security in mind, including IT security, has a direct impact on revenue.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

How a Wi-Fi Hacker Snoops on Your Laptop and Mobile

You have likely heard of the dangers of using unsecure public Wi-Fi, so you know that hackers are out there snooping. It is pretty easy to hack into a laptop or mobile device that is on a public Wi-Fi connection with no protection. Hackers can read your emails, steal passwords, and even hijack your website log ins.

Let’s imagine that you are in a local coffee shop with your laptop. All someone has to do is download a wireless network analyzer, which usually has a free trial, and with the right hardware and additional software they can often see what everyone is viewing online…unless they are protected. In some cases they can also read your emails that are going out and received, as well as texts you might be sending. Scary, right?

Tips on How to Use a Wi-Fi Hotspot Safely

You now know what you are up against when you connect to a public Wi-Fi spot, but you should also know that you can use them with some safety in mind. Here are some tips:

  • When you log onto a website, only use an encrypted connection. This means use the URL that begins with HTTPS, not HTTP. Keep an eye on that as you move from page to page because some sites will send you to an unsecured page, which makes you vulnerable.
  • There are also many websites out there that will allow you to encrypt your browsing session automatically. Facebook, for instance, has this. To turn it on, go to your “Security” settings on the site, and then enable “Secure Browsing.”
  • If you are going to check your email, login to your web browser and then ensure that your connection to your email client is encrypted. (Check by looking at HTTPS). If you are using Outlook, or another email client, make sure that your settings are set for encryption.
  • Don’t use any service that is not encrypted when you are on a public Wi-Fi connection.
  • Consider using a VPN when you are connecting to a public Wi-Fi connection. There is a small fee for this, but it’s well worth it.
  • Beware of “evil twins” which are rogue networks designed to mimic legitimate networks. Example “ATT WiFi” my be “Free ATT WiFi”. Other than downloading special software that detects evil twins, the best case is to ask someone who’s knowledgeable as to which network is the safest.
  • If you are on a private network, make sure you realize that they are also vulnerable. Anyone who knows how can spy on the network. Again, use WPA or WPA2 security so the connection is encrypted. However, if someone guesses or knows the password, they can still spy on any device that is connected

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

A Guide to How Hackers Hack

You have surely heard of hackers, but do you really know how they work? Hackers are well known for being bad guys, though there are certainly good hackers out there too. Here’s a brief guide to help you understand how a hacker can hack:

Directions for Hacking are Easy to Come By

Hackers don’t have to look far for help, especially if they don’t know much about hacking. First is a well-known website known as Kali Linux. It has a ton of tools available for hackers, and the site features many links to other hacking resources. Of course, people who want to hack often go to YouTube, and there are more than 300,000 videos there that teach people how to hack. There are also thousands of other websites out there with easy to follow hacking instructions, and you can find them in about a minute.

Software is Easy to Find, too

Directions for hacking is one part of it, but there is also software available that makes the job of hacking quite easy. Here are some of the options available:

  • Cain & Able – This tool helps a hacker intercept traffic on a network, and then can use that information to get passwords, which helps them get into accounts. More than 400,000 people have downloaded this software.
  • Burp Suite – Hackers use this tool to map out the structure and pages of a website, and then they use the information to attack the site.
  • John the Ripper – People use this tool for dictionary attacks. Basically, it takes text strings, encrypts them, and then uses the information for an attack.
  • Angry IP Scanner – This is a free tool that allows the user to scan a network for open ports. Once they find one, they can easily gain access.

Hackers Also Use Hardware

In addition to downloading software for hacking, it’s also possible for hackers to use hardware. One is called Wi-Fi Pineapple, which is a small, portable object that the hacker can use with any hotspot. They use it to find a laptop that is searching for an access point. Once the Pineapple sees an open connection, the hacker can read texts, emails, and see what websites you are viewing.

Protect Yourself from Hacks

There are many things that you can do to protect yourself from hackers. First, make sure you are using an encrypted website, one with HTTPS instead of HTTP in the address. Also, consider using a VPN when browsing. This encrypts your data so a hacker cannot read it. There’s a ton more to do. Go here: https://safr.me/blog/

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

Gift Cards: The Newest Scam that You Should Be Aware of

Hackers are making a lot of money thanks to phishing attacks these days, and now they are also focusing on gift card scams. One of the most notorious scam groups, Scarlet Widow, which is out of Nigeria, has been boosting its efforts to scam people with gift cards since 2015. This group generally focuses on people in the UK and US and also is known for tax scams, romance scams, and rental cons.

Are you at risk of getting scammed by Scarlet Widow? The group generally focuses on medium to large US businesses and nonprofits including the United Way, Boy Scouts of American, and YMCA chapter. The scammers send emails to employees of these organizations, and though most people understand that the emails are, indeed, scams, it only takes one person to put your organization at risk.

The Targets

From November 2017 to the present, Scarlet Widow has targeted thousands of nonprofits and individuals. It also targets the education industry and tax industry. Scarlet Widow only succeeds by getting access to these organizations’ email accounts. They might put malware in the emails or use malicious phishing links. Either way, eventually, these people are going to be able to scam the organizations.

The Scam

Though traditional phishing scams work for Scarlet Widow, it is really focusing on the gift card scam these days. In October 2018, more than a quarter of people who have been scammed during the year said that they were victims of a gift card scam. Scammers love these because they can get the cash quickly, they can be anonymous, and it’s very difficult to reverse. All the scammers have to do is convince someone to buy a gift card, then send them a photo, and they can take the money that is on there.

Scarlet Widow generally focuses on Google Play and iTunes gift cards, but other scammers will ask for cards from places like Target, Walgreens, or CVS. You might think it sounds strange that these people could con others into paying for business services with gift cards but remember…these scammers are experts at manipulation. They will certainly come up with some story with a sense of urgency, and people fall for it all of the time. For instance, there was an administrator in Australia who sent a scammer $1,800 in iTunes gift cards. The email she got seemed as if it was from the head of the finance department, so she believed it was legitimate. However, it was just a scammer.

A security awareness training financial advisor client of mine was conned too. Actually it was his assistant. She received an email that looked like it was coming from him requesting 5 $500.00 Apple gift cards to send to their top 5 clients. She went right out to Walgreens, bought 5 cards and the instructions were to scratch off back to reveal the codes and email pictures of the cards and codes back to him. Which she did. And then the scammers disappeared.

Though there are limitations to scammers using gift cards, these nefarious groups will use any method they can think of to get more money funneling in. So, if you ever get a request from a contractor or organization leader asking for a gift card, use an extreme amount of caution.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity Protection security awareness training program.

What Was Scary About Blackhat 2017?

As you might know, at the end of July, all types of hackers came to Las Vegas to attend Blackhat 2017. During the conference, some pretty scary hacks were exposed, and we can all take this as a lesson on what we are up against in this technology-heavy world. Here are some of the scariest hacks we learned about during Blackhat 2017:

Carwash Hijacking

Nothing is safe from technology, and these days, carwashes are an unexpected target for hackers. It is perfectly possible that a car wash could be hacked, controlled remotely, and used to destroy vehicles. Scary.

Hacking Cars

Speaking of vehicles, it was also revealed how easy it is for a pro to hack automobiles. Just last year, Chinese hackers were successful in hacking a Tesla S. The hackers disabled the brakes, so Tesla updated security in its cars. However, recently, the car company was hacked again, showing that hackers always find a way.

Oculus Headsets and Hoverboards

Another scary hack participants learned about was that hackers can access hoverboards and the Oculus Rift headsets. These hacks could cause the devices to shake uncontrollably, bringing harm to those who are using them.

Printer Hacking

Michael Howard Chief Security Advisor of HP and painfully demonstrated that only 18% of IT security managers are concerned about printer security where as 90% are concerned about PC’s. That stat is one reason why ?92% of Forbes Global 2000 companies experienced a breach in 2016 which in part resulted in 4 billion records breached worldwide. According to the Ponemon Institute, 60% of data breaches reported by companies involve printers. Very scary.

The Motivation of Adversaries

We also learned that hackers wanting money, data, or intelligence aren’t their only motivation. More and more, they are motivated by the ability to manipulate people, to undermine democracy, and to wreak havoc for journalists and activists.

Wind Hacking

Wait, what? Participants at Blackhat 2017 also learned about how the bad guys are hacking the wind. Well, not actually the wind, but the systems that create wind energy. The main motivation here is money. Just one hacked turbine can cost anywhere from $10,000 to $30,000 per hour. That’s a lot of leverage for hackers who only need to hack a single turbine to demand ransom to set the turbine free.

Hacker Masquerade

Hackers are also using a savvy technique to hack phones. Chinese hackers are switching from targeting high tech LTE networks to slow 2G technology. This means, when our phone switch to a slower network, which happens if the signal isn’t strong, even if you have great security, your phone can still be hacked.

Facebook Bounties

These are some of the scariest hacks we saw at Blackhat 2017, but never fear, white hat hackers are on it. In fact, companies like Facebook are offering cash, up to $1 million, for developers who create software to keep users safe. OK, not scary. But good.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Blackhat Hackers Love Office Printers

The term, or in this case the word “blackhat” in tech generally refers to a criminal hacker. The opposite of black is white and a “whitehat” is a security professional. These terms originate from the “spaghetti western” movies when the bad guy cowboy wore a black hat and the law wore white hats. Fun huh?! Blackhat is also the name of the largest conference on the planet for information security. The conference itself is 20 years old and as Alex Stamos who is the CSO for Facebook and also Blackhat 2017’s keynote speaker said “Blackhat isn’t even old enough to drink” That statement reflects just how far we’ve come in information security and also how much more there is to do.

One of the presentations at Blackhat discussed printer security called “Staying One Step Ahead of Evolving Threats” by Michael Howard Chief Security Advisor of HP and painfully demonstrated just how much more there is to do.

Do you ever feel as if your office printer is dangerous? Most of us don’t. In fact, more than half of businesses don’t even bother adding printers to their security strategies. Mr Howard stated only 18% of IT security managers are concerned about printer security where as 90% are concerned about PC’s. That stat is one reason why ?92% of Forbes Global 2000 companies experienced a breach in 2016 which in part resulted in 4 billion records breached worldwide.

Hackers know this, so office printers are the perfect target for them. Remember, printers are connected to the network, and if unprotected, they are easily hacked. According to the Ponemon Institute, 60% of data breaches reported by companies involve printers. So, why do hackers love printers? Here are a bunch of reasons:

Networks are Vulnerable

Even if you have a firewall, there are several devices that might be on a network that are access points to that network. When you don’t add your printer to your security plan, it becomes a welcome access point to hackers. Once they get in, the consequences could be terrible for a business.

Hackers Can Get Useful Data

The data that hackers can get from printers that are not protected is unencrypted. If one of your staff members sends sensitive information to the printer, yet it is unencrypted, the hackers can read it. Mr Howard shared how one universitys unsecured printers led to students hacking tests days before they were taken, giving the students a significant advantage. Do you really want your company’s data to be open like that? All hackers have to do is take it if the printer isn’t protected.

They Know They Can Access Other Devices

Hackers also love office printers because they know that once they are in, they can access other unprotected endpoints on the network. Mobile devices are an excellent example of this. It is quite challenging to secure access to all of these devices. The more devices that are connected to the network, the easier it is to access it.

Information Leaks

How many times have you printed something at the office and let it sit in the tray for a while? This happens often. Hackers know this, too, and they can essentially print anything once they have access to the printer and retrieve it at any time. This easily opens up the business to compliance issues.

Finally, hackers love office printers because they get inside access. ?Once the printer is compromised, so is the rest of the network.

  • Change the printers default passwords.
  • All computing devices including printers need encryption.
  • Printer hard drives have lots of data. Destroy hard drives prior to recycling or reselling.
  • Printer firmware and software needs to be regularly patched and updated.
  • Use “fleet management” tools to ensure all of the companies devices are protected.

When businesses implement security policies and procedures that directly address endpoints, including printers, they significantly reduce risk and maintain proper network and data security compliance.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

How to Stop Your Cellphone from Getting Hacked

If you are like most of us, you probably have a password, antivirus program, and a firewall for your home computer to protect it from hackers. Are you doing the same thing for your phone?

From 2015 to 2016 malware infections on smartphones swelled by 96%, and about 71% of the smartphones out there do not have any software at all to protect them. What does that mean for you? It means the odds are against you when it comes to getting your phone hacked. Luckily, there are some things you can do to protect your mobile phone from hackers:

  • Update Your Operating System – Many people skip updates for some reason. Don’t put it off. Most of these updates contain security fixes that your old operating system didn’t have.
  • Put a Lock On It – If your phone doesn’t have a passcode on it, it’s like leaving the front door of your home open for burglars. Hackers will get in; it’s just a matter of time. If you can, use a biometric method, like a swipe or finger tap. In addition, set up a good passcode. Make sure it’s totally unique and nothing a hacker can guess, like your address or birthday.
  • Use Caution with Public Wi-Fi – Public Wi-Fi is great, in theory, but it can also be dangerous, as it is very easy for hackers to access your info. It’s usually pretty safe to use a public Wi-Fi connection for things like catching up on the news or watching a movie, but don’t put any personal information into your device such as your banking password or credit card number.
  • Check Up On Your Apps – Hackers often use phone apps to access data. So, to make sure you are really safe, make sure to delete any apps that you aren’t using regularly. An outdated app can be dangerous, too, so make sure to always update when one is available. Also, only download apps from reputable sources like Google Play and iTunes.
  • Use a VPN – Finally, use a VPN, or virtual private network. This will encrypt your information when you use it over a public network. They are free or cheap, usually $5 to $30, and that small investment is definitely worth it for your safety.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Hire an Ethical Hacker NOW!

You might think it’s crazy to actually hire a hacker, but if you don’t have an ethical hacker on your security team, you could be playing a dangerous game.

Ethical hackers are called “white hat hackers” and are legal hackers, that help businesses find security problems in their networks. Developer and security teams, who build out codes, should have a white hat hacker on their side. This way, they will know from the start if the code is vulnerable. This is also known as “application security”.

How Important are Ethical Hackers?

How important is this? It’s so important that even the largest companies in the world are using this practice. Take Microsoft, for instance. They host a competition for white hat hackers, and challenge them to find any bugs present in their codes. This is called a “bounty”. On participant, was able to bypass every single security measure that Microsoft had in place. Can you imagine what would happen if he was one of the bad guys?

This type of security solution should be the first line of defense for your company, as they expose the risks that your company might have. Additionally, many companies used white hat hackers to ensure that they are complying with legal standards, such as HIPAA.

Wouldn’t Security Audits Work?

A security audit is basically a checklist for what a network has and doesn’t have in place. There’s not rubber on the road. Ethical hacking is a real world test. A security audit isn’t. The job of a white hat hacker is to find as many holes in the code as possible, and then report them back to the company. Another benefit of using an ethical hacker is that the information they provide helps to enhance the detection quality of products. An audit probably wouldn’t find this information.

What Does it Mean For Your Company?

Before anything, it’s important that you realize that an ethical hacker can help you and your business. A strong security program must focus on both the security of the code and the program’s security as it runs. This is where an ethical hacker will be most beneficial. Of course, it’s best to get the coding right the first time, but mistakes happen, and this is where a white hat hacker can make a huge difference.

So, the next time you talk about staffing, remember to bring up the addition of a white hat hacker. It could be the difference between keeping your data safe or being the victim of a real hacker.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Researchers Say Office of Personnel Management Hack Leads to Ransomware

In June, 2015, it was revealed by an anonymous source that the Office of Personnel Management was hacked. This office, which administers civil service, is believed to have been the target of the Chinese government. This is one of the largest hacks in history involving a federal organization.

Slowly, the motivation behind the hacking is being understood. At first, it seemed obvious, the stolen data being personally identifiable information, which is what was taken can be used for new account fraud. But in government breaches, they usually look for military plans, blueprints, and documents that deal with policy.

The question, of course, is why did the hackers focus on this information? Well, some of the data that was taken was used to launch other attackers against contractors, and this resulted in the access to several terabytes of data.

Now, those who have become victims of this attack have found themselves being the target of ransomware.

Security experts have recently noticed that the victims have been getting phishing emails, and these messages look like they are coming directly from the Office of Personnel Management. When these emails arrive, the body and subject of the message seem as if the email contains an important file. When the unsuspecting victim downloads the .ZIP file, however, they instead receive a type of ransomware called Locky.

These attacks are much more dangerous than the average phishing attack. This is mainly due to the fact that they are being received by those who have worked with the Office of Personnel Management before. Thus, they have seen the genuine emails from the office, which look remarkably similar to the fake ones. The only thing that set the two emails apart was a typo that said “king regards,” instead of “kind regards,” and a phone number that doesn’t work. These are details that many people overlook, which makes it easy for hackers to be successful with these schemes.

Who was Really Behind This Hack?

Though experts believe that the Chinese government is behind this hack, there are some facts that look a bit fishy. For instance, since personal data was taken and data has been taking hostage, this seems much more like a typical cybercrime operation instead of something that a nation would do. After all, why would China be looking for a few hundred dollars from people who want their files back?

Of course, this could be a smokescreen and someone could just be using this attack as a smokescreen…and while experts are focused on this, the real attack could be planned for the future.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Your Hacked Mobile Phone Number is Like Your Social Security Number

If you have a cell phone, and you use it in any way associated with accessing online accounts (and many do), you are putting yourself at risk of getting hacked. With only a phone number and a bit of information, which is easy to get through social engineering, a hacker can break into your personal and financial accounts.

5WThis works by getting information about you, such as your birthday, address, or even the last four digits of your Social Security number…information that is readily available…and then creating a plausible story to gain access to your phone account, phone and various online accounts. Once they have access to your accounts, they can change the phone number, get a new sim card and then change account passwords, and you will be unable to access the affected accounts. Below, you will find some tips to help you protect your phone number:

Use a Passcode

If you have the option to put an additional passcode on your phone account, do it. Though this isn’t foolproof, it will certainly help to give you some added protection.

Disable Online Access to Cell Phone Accounts

I’m not doing this, but some should. This might be frustrating, but it will further protect you. If you need to make a change, you can call or go into the store.

Consider Using Google Voice

Google Voice is a safer option for many, and you can even forward your existing number to Google Voice. This helps to mask the calls you make, which means no one would have access to your real number.

Use a Carrier-Specific Email to Access Your Mobile Phone Account

If you are like most people, your email address and phone number help you to access most of your internet-based accounts. Ideally, instead, you should have a minimum of three email addresses: your primary address, one for your mobile phone carrier only, and one for sensitive accounts, such as your bank and social media. This way, if your primary email is compromised, a hacker cannot access your sensitive accounts.

Ask Your Carrier for Account Changes

Finally, you can ask your carrier to only allow account changes in person with a photo ID. Though there is still a chance that a hacker could pose as you with a fake ID, the chances are much lower.

There are also some steps that you can take to protect all of your online accounts:

Create Complex Passwords

One way to protect your online account is to create complex passwords. It’s best to use a password manager that creates random, long passwords. If you don’t use a password manager, create your own password of random numbers, cases, and special characters. These might include “4F@ze3&htP” or “19hpR$3@&.” Try to make up a rule to help you remember them.

Don’t Tell the Truth

Another thing that you can do is to stop being truthful when answering security questions. For instance, if a security question asks what your mother’s maiden name is, make it up. Something like this is too easy to guess…just make sure you remember it!

Don’t Connect Your Phone Number to Sensitive Accounts

You also should make sure that you are not connecting your phone number to any sensitive accounts. Instead, create a Google Voice number and use this for your sensitive accounts.

Use Passcode Generators

Passwords are easily stolen via key loggers, which is software that records keystrokes. You can protect yourself from this by using a one-time passcode generator. This is part of the two factor or multi factor authentication process. These generators are wireless keyfobs that produce a new passcode with heavy frequency, and the only way to know the passcode is to have access to the device that created the passcode.

Use Physical Security Keys

You also might want to consider using physical security keys. To use these, people must enter their passwords into the computer, and then they must enter a physical device into the USB port, proving that they are the account owner. This means, in order to access an account, a hacker must not only know the password, they must have the physical device.

Consider Biometrics

Finally, if you really want to protect your internet accounts, you should use biometrics. You can purchase biometric scanners, such as those that read your iris, fingerprint, or even recognize your voice. When using these, you will be unable to access your accounts unless you provide this biological information. There are a number of devices on the market that do this.

Though these steps might seem a bit time-consuming, they can be the difference between keeping your private and financial information safe and getting hacked.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.