All Posts By Richard

Cybersecurity Awareness and Training White Paper

By | White Papers

This white paper was written by the State, Local, Tribal, and Territorial Government Coordinating Council; however, it can pertain to any organization. It discusses how cybersecurity risks are exacerbated when weak or non-existent cybersecurity programs are embedded into the organization. Organizational risk becomes a concern when information technology (IT) personnel do not make a concerted effort to train employees and manage the effectiveness of cybersecurity programs. Executives may often be unaware of these risks because they assume their IT manager, chief information officer, chief information security officer, or the external contractor managing security for the organization is managing security efficiently and effectively. Many security breaches result from poor security awareness and training programs.

Table of Contents:
  • Risk to SLTT Governments
  • Training
  • What Is Phishing?
  • Best Practices/Executive Sponsor
  • Technical Assistance
  • Security Awareness

Download the white paper here: “Cybersecurity Awareness and Training White Paper” (slttgcc_cybersecurity_awareness.pdf, 732 KB)

The Internet of Things White Paper

By | White Papers

Created by the State, Local, Tribal, and Territorial Government Coordinating Council, this white paper describes issues related to the “Internet of Things” (IoT). The IoT can be defined as the interconnection, via the internet, of computing devices embedded in everyday objects, enabling them to send and receive data. These devices are also commonly referred to as “smart devices.” The diversity and scale of these smart devices make securing them and the networks they reside on a daunting challenge.

Table of Contents:
  • Security and Privacy Implications For IoT Devices
  • Weaponization Of IoT Devices
  • Securing the Internet of Things
  • Laws, Standards and Guidelines
  • Resources

Download the white paper here: “IOT Whitepaper - SLTTGCC” (slttgcc_iotwp.pdf, 876 KB)

What Is Social Engineering?

By | Our Blogs, Privacy, Security

Wombat: What Is Social Engineering?


In this first segment of a two-part video blog, Wombat brings end users up to speed on the concept of social engineering. Viewers will understand what this threat is and the ways they might encounter social engineers in their work and personal lives, including phishing attacks, smishing text messages, social media fraud, vishing calls, and imposter scenarios. Also discussed are the emotional aspect of social engineering, and how attackers attempt to use our natural human tendencies to trick us into providing access to people, places, and things that should be off limits.

This brief video allows you to share practical information with your end users in straightforward, digestible terms they can understand. It is a good companion to Wombat’s Anti-Phishing Training Suite, which provides simulated phishing assessments and hands-on training about the social engineering techniques cybercriminals use to trick end users into compromising data and systems.


Massive 46M Dollar Cyberheist

By | Our Blogs

Scam Of The Week:


Brian Krebs just reported on a massive 46M dollar cyberheist. Tech firm Ubiquiti Networks Inc. disclosed this week that cyber thieves recently stole 46.7 million dollars using an increasingly common scam in which crooks spoof emails from executives at the victim firm in a bid to initiate unauthorized international wire transfers. Ubiquiti, a San Jose based maker of networking technology for service providers and enterprises, disclosed the attack in a quarterly financial report filed this week with the U.S. Securities and Exchange Commission.

The company said it discovered the fraud on June 5, 2015, and that the incident involved employee impersonation and fraudulent requests from an outside entity targeting the company’s finance department. “This fraud resulted in transfers of funds aggregating 46.7 million dollars held by a Company subsidiary incorporated in Hong Kong to other overseas accounts held by third parties,” Ubiquiti wrote. “As soon as the Company became aware of this fraudulent activity it initiated contact with its Hong Kong subsidiary’s bank and promptly initiated legal proceedings in various foreign jurisdictions. As a result of these efforts, the Company has recovered 8.1 million dollars of the amounts transferred.”

Known variously as “CEO fraud,” and the “business email compromise,” the swindle that hit Ubiquiti is a sophisticated and increasingly common one targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. In January 2015, the FBI warned that cyber thieves stole nearly 215 million dollars from businesses in the previous 14 months through such scams, which start when crooks spoof or hijack the email accounts of business executives or employees. In February, con artists made off with 17.2 million dollars from one of Omaha, Nebraska’s oldest companies — The Scoular Co., an employee-owned commodities trader. According to Omaha.com, an executive with the 800-employee company wired the money in installments last summer to a bank in China after receiving emails ordering him to do so.

Ubiquiti didn’t disclose precisely how it was scammed, but CEO fraud usually begins with the thieves either phishing an executive and gaining access to that individual’s inbox, or emailing employees from a look-alike domain name that is one or two letters off from the target company’s true domain name. There is more detail and data about this cyberheist at Brian’s site: http://krebsonsecurity.com/2015/08/tech-firm-ubiquiti-suffers-46m-cyberheist/

This is exactly the kind of thing that is prevented by effective security awareness training. The bad guys have a back door into your network: your employees. You can spend a large amount of money putting all kinds of security software in place, and you should, but it can all be wasted if you don’t also train your employees and keep them on their toes with security top of mind. Find out how affordable this is today and be pleasantly surprised. SecureNation can help with training from Wombat Security. Click here for more information.
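The look-alike domain trick described above (a sender domain one or two letters off from the real one) can be checked mechanically at the mail gateway. The following is an added example, not code from the original post or from any vendor mentioned here; the domain `example-corp.com`, the function names, and the sample addresses are constructed for illustration.

```python
# Added example: flag sender domains that are one or two edits away from
# the organization's own domain. All names and addresses are constructed.

OUR_DOMAINS = {"example-corp.com"}  # assumption: the organization's real domain(s)


def edit_distance(a: str, b: str) -> int:
    """Optimal-string-alignment distance: insert, delete, substitute,
    or swap two adjacent characters, each counted as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1,         # deletion
                          d[i][j - 1] + 1,         # insertion
                          d[i - 1][j - 1] + cost)  # substitution
            if (i > 1 and j > 1 and a[i - 1] == b[j - 2]
                    and a[i - 2] == b[j - 1]):
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[len(a)][len(b)]


def sender_domain(address: str) -> str:
    """Extract the domain from 'user@domain' or 'Name <user@domain>'."""
    return address.rsplit("@", 1)[-1].strip().strip(">").lower().rstrip(".")


def classify_sender(address: str, own_domains=OUR_DOMAINS, max_edits: int = 2) -> str:
    """Return 'internal', 'lookalike' or 'external' for a sender address."""
    domain = sender_domain(address)
    if domain in own_domains:
        # An exact match only means the header claims our domain; spoofed
        # headers still have to be caught by SPF/DKIM/DMARC checks.
        return "internal"
    for own in own_domains:
        if 0 < edit_distance(domain, own) <= max_edits:
            return "lookalike"
    return "external"


if __name__ == "__main__":
    for sender in ["ceo@example-corp.com", "ceo@examp1e-corp.com",
                   "CEO <ceo@exmaple-corp.com>", "billing@supplier.example"]:
        print(f"{sender:32} {classify_sender(sender)}")
```

Messages classified as `lookalike` are good candidates for quarantine or a warning banner before they reach the finance department.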

How New Phishing Malware Rombertik Kills Your Hard Drives

By | Scam of the Week, Security
InfoSec researchers at Cisco’s TALOS group discovered a strain of malware that spreads through phishing. Attackers use social engineering tactics to entice users to download, unzip, and open the attachments that ultimately result in the machine’s compromise. The strain, dubbed Rombertik, monitors everything that happens inside an infected machine’s browser and exfiltrates it to a server controlled by the attacker, similar to Dyre.

However, when it detects that it is being analyzed, it takes extreme evasive action: it wipes the Master Boot Record (MBR) or home directories, trapping the machine in an infinite boot loop. The MBR is the first sector of a computer’s hard drive that the machine reads before loading the operating system. Recovering from a deleted or destroyed MBR involves re-installing the operating system, which almost always means data is lost.

In what is likely a bit of sick humor from the criminals, in case it cannot get access to the MBR, Rombertik works just like ransomware and starts encrypting all files in the user’s home folder. The malware chooses a random 256-byte encryption key for each file, but none of the keys are saved anywhere, so you end up with what is effectively random, shredded bits instead of your files. After the MBR is overwritten, or the home folder has been encrypted, the computer is restarted. Only files with the extensions .EXE, .DLL, .VXD and .DRV will survive.

The upshot: Rombertik begins to behave like a wiper malware sample, trashing the user’s computer if it detects it’s being analyzed. While the Cisco TALOS team has observed anti-analysis and anti-debugging techniques in malware samples in the past, Rombertik is unique in that it actively attempts to destroy the computer’s data if it detects certain attributes associated with malware analysis.

What To Do About It: Ultimately, you need to practice defense-in-depth which protects your entire attack surface, but here are two tips that will mitigate attacks like this with the best bang for your IT security budget:
  • Have multiple layers (and different AV engines) of malware scanning in place; the firewall, your mail server/email gateway, and the desktop. That means a different vendor, using a different AV engine for your firewall, your mail server/email gateway and your endpoint AV. Then filter out almost all email attachment types except a few essential ones. Check out which AV engines your vendors use, because there is a lot of OEM-ing going on in the AV space, which might result in you using the same engine, but with a different label. Not good.
  • Step your users through effective security awareness training and follow up with regular simulated phishing attacks which will keep them on their toes with security top of mind.
  • Have good backup routines that are constantly tested to ensure that lost data can be easily recovered.
Contact us at SecureNation to discuss Defense In Depth, Employee Security Training, or Disaster Recovery options.


SCAM: Nepal Earthquake

By | Scam of the Week
More than 7,000 people dead and counting. And you can also count on cyber-criminals exploiting the disaster. What else is new. Disgusting. Scammers are now using the Nepal disaster to trick people into clicking on links on Facebook, on Twitter, and in phishing emails that solicit charitable giving for the earthquake victims. It is typical of past disaster fraud scams in which the scammers play on the heartstrings of people who want to help the victims. Here are some examples:
  • Facebook pages dedicated to victim relief contain links to scam websites.
  • Tweets are going out with links to charitable websites soliciting donations that in reality include spam links or links that lead to a malware infection.
  • Phishing emails are dropping into users’ inboxes asking for donations to the Nepal Earthquake Fund.
Previous disasters have been exploited like this, but the bad guys are going at it again with all guns blazing. Be wary of anything that is about the Nepal Earthquake in the following weeks. Please warn your employees, friends and family against this scam of the week. If you want to make a donation, go to the website of the charity of your choice and make a donation. Type the address in your browser; do not click on any links in emails or texts you might get. THINK BEFORE YOU CLICK. Here is the FBI alert about this scam. It might be a good idea to send this link to all employees, since an FBI alert usually has a bit more impact. http://www.fbi.gov/sandiego/press-releases/2015/fbi-warns-public-of-disaster-scams

Fall-outs from infamous data breaches

By | Our Blogs
In a blog on IT Governance dated February 17, 2015, Julia Dutton wrote about the expenses and other ramifications that companies caught with a data breach have endured and could encounter in the future. We are talking lawsuits, remediation (both for the company and its customers), more investigations, and possible firings of top executives. Any organization that does not take its IT security seriously could find itself paying out millions of dollars to potential victims of any data breach from its files. Lawsuits are now proceeding against Target from the banks that had to pay out to replace the compromised credit cards. If you think you are safe, that is the first clue that you need more security. No one is safe anymore; about the best we can do is to do our best to protect our assets and our customers from data breaches. Like Jeff Mueller, FBI Director, once said, “There are only two types of companies: those that have been jacked and those that will.”

Merchants have new cause for concern

By | Fraud, Our Blogs, Security
Reuters published an article on December 5th about a new lawsuit ruling that could leave merchants and others taking credit cards for payment with more concern than ever. A judge in Minnesota ruled that a class action lawsuit from banks and other financial institutions can proceed against Target. U.S. District Judge Paul Magnuson found that the banks were foreseeable victims of Target’s negligent conduct. The suit seeks to recover some of the billions the banks and financial institutions spent replacing customers’ compromised credit and debit cards. Target filed to dismiss because there was no contract in place between the card issuers and Target. Magnuson agreed with the banks’ argument that the case is about plain old negligence, not third-party contract harm. He also found that imposing a duty of care on Target “will aid Minnesota’s policy of punishing companies that do not secure consumers’ credit- and debit-card information”, a policy he found followed from Minnesota’s Plastic Card Security Act, which holds merchants liable for card issuers’ costs when Minnesota businesses have violated the law’s restrictions on retaining customer data.