Phishing Email: A Comprehensive Guide to Protecting Your Data

Your IT staff can lock down your network like Fort Knox, but it only takes one accidental click in a phishing email to give a hacker the keys to walk right through the front door.

What is a phishing email?

Have you ever received an email that prompts you to do something like change a password or provide credentials, phone numbers, or email addresses? These are clues that the email may be a phishing email.

A phishing email is a scam email. It is “the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords, credit card numbers, or other sensitive details by impersonating oneself as a trustworthy entity in a digital communication” (Wikipedia).

Typically, phishing emails appear to be from a trusted source like Microsoft or your IT department. They might claim an account has been compromised or that it needs to be verified. If you click on a link in the email, it takes you online to the attacker’s spoofed site, which then prompts you to enter your credentials. If you fall for this, you put your own credentials right into the hands of cybercriminals.

Phishing emails pose a growing threat to enterprises as well as small businesses worldwide. The increasingly sophisticated strategies of threat actors make it difficult to recognize them. These types of attacks are some of the most virulent security threats out there. Clicking on one little link in an email or downloading an attachment may not seem like a big deal, but it could potentially cause considerable damage to your data, your business, and its reputation.

Differentiating a phishing email from an authentic email

It is especially important to be able to identify these fraudulent emails. Threat actors strategically design them so that it is difficult to tell them apart from authentic emails. If you are not sure something is real, get a second opinion from your manager or IT service engineer. It is better to be safe than sorry.

Below is an example of a phishing email that can be very believable.

[Image: Don't be fooled by phishing emails that appear like they are from a trusted source]

Can you identify if this email is real or fake? It looks like a real Microsoft notification. However, you will notice the sender address is:

“department-service_msn@outlook.com.”

This email is not from Microsoft and should be deleted and ignored. Here is another example:

[Image: End User Security, Protect Against Email Phishing]

The above image is a screenshot of a real phishing email that was received a few months ago. Although this email was easy for the recipient to identify as a scam, it is a good example of what you can look for. The red comments point to each of the clues that identify it as a scam.

Is it real or fake? Check out these clues

  • The sender appears to be within your organization, but you have never heard of him/her
  • You or your team do not use the services they are claiming you do
  • You trust the source, but the message is unexpected
  • The sender’s message does not make sense or uses poor grammar
  • The name of the sender is someone you know within your organization, but the email address is strange
  • The email looks official, but it is coming from outlook.com or gmail.com
  • The sender is asking for sensitive information
  • The email claims to be from someone within your organization, but the style and manner do not match routine communication protocols

A Phish Story

Recently, a business was hit hard by a phishing email opened by a single user. The scammer that sent the message logged into an employee’s email and sent an email to not only his coworkers but also his clients. The hacker said he was in a bind and needed someone’s help who had an Amazon account. He configured the email account to forward all emails to a spoofed email that was similar to the victim’s account using the same name and contact information.

Unaware of the situation, many of the recipients responded that they did have Amazon accounts. The scammer sent out another email to these individuals asking them to buy a $500 gift card for him and he would pay them back. Fortunately, someone figured out what was going on and the employee’s email account was recovered before anyone sent a gift card. But still, there was damage done.

Part of this business’s services included collecting and safely storing their clients’ financial data. When the clients realized that this company had been hacked, they feared their financial data and email addresses were not safe with them.

This was a hard lesson for the business owners to learn. Anyone can get hacked. But you and your team can reduce the chances by becoming more educated about phishing emails.

You have a part to play in fighting against email phishing

Your IT company secures your company using firewalls, data backups, antivirus, and a host of other tools. But these cannot protect your business against breaches caused by end-user vulnerabilities.

You and your team have a part to play in proactively protecting your organization and its data. As a team member, you are given privileges that, in the wrong hands, could cause a lot of potentially irreparable damage to your business and day-to-day workflow.

Crucial action steps to protect your company

  • Create and follow guidelines for communication within your company
  • Identify what should be communicated through email, phone, in person, or in text messages
  • Never give anyone else your password outside of the strictest circumstances
  • Emails from Integrinet IT will always be from integrinetit.com or integrinet.net
  • Emails from your team members and other departments within your company should only come from known email addresses at your domain name (e.g., yourdomainname.com, yourdomainname.org, etc.)
  • Watch closely for the clues mentioned in this article that alert you to phishing emails
  • Report suspicious email to your management and team
  • Participate in end-user security training
  • If you are unsure if what you are facing is a threat, avoid responding, clicking on suspicious links, or opening attachments and contact your management or service engineer.
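
The sender-address clues in this article (a known name on a strange address, an official-looking message from outlook.com or gmail.com, mail that claims to be from Integrinet IT but does not come from integrinetit.com or integrinet.net) can be checked mechanically. The following Python is an added example, not part of the original article; example.com, the staff directory, the list of "official" words, the lookalike-domain check and the sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Domains the article says Integrinet IT mail always comes from.
PROVIDER_DOMAINS = {"integrinetit.com", "integrinet.net"}
# Assumption: example.com stands in for "yourdomainname.com".
ORG_DOMAINS = {"example.com"}
# Consumer mail services the article calls out.
FREE_MAIL = {"outlook.com", "gmail.com"}
# Assumption: words that make a sender look official or internal.
OFFICIAL_WORDS = ("microsoft", "msn", "it department", "helpdesk",
                  "support", "integrinet")
# Assumption: constructed staff directory, display name -> real address.
KNOWN_STAFF = {"jane doe": "jane.doe@example.com"}


def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def sender_findings(raw_message):
    """Return the sender-address clues that fire for one raw message."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    name, addr = name.strip().lower(), addr.strip().lower()
    if "@" not in addr:
        return ["no-parsable-sender"]
    local, _, domain = addr.rpartition("@")
    trusted = PROVIDER_DOMAINS | ORG_DOMAINS
    findings = []

    # Clue: the name is someone you know, but the address is strange.
    expected = KNOWN_STAFF.get(name)
    if expected and expected != addr:
        findings.append("known-name-strange-address")

    # Clue: looks official, but comes from outlook.com or gmail.com.
    claims = name + " " + local
    if domain in FREE_MAIL and any(w in claims for w in OFFICIAL_WORDS):
        findings.append("official-looking-from-free-mail")

    # Rule: Integrinet IT mail only comes from its two stated domains.
    if "integrinet" in claims and domain not in PROVIDER_DOMAINS:
        findings.append("provider-domain-mismatch")

    # Added generalization: a domain one or two edits away from a
    # trusted one is a likely lookalike.
    if domain not in trusted and domain not in FREE_MAIL:
        if any(0 < edit_distance(domain, t) <= 2 for t in trusted):
            findings.append("lookalike-domain")

    return findings


# Constructed sample messages. Only the first sender address is taken
# from the article; display names, subjects and bodies are made up.
SAMPLES = {
    "page_example": (
        "From: Microsoft account team <department-service_msn@outlook.com>\n"
        "Subject: Unusual sign-in activity\n\nVerify your account.\n"),
    "lookalike": (
        'From: "Jane Doe" <jane.doe@examp1e.com>\n'
        "Subject: Quick favor\n\nAre you at your desk?\n"),
    "genuine": (
        'From: "Jane Doe" <jane.doe@example.com>\n'
        "Subject: Meeting notes\n\nNotes attached.\n"),
    "fake_provider": (
        'From: "Integrinet IT Support" <helpdesk@gmail.com>\n'
        "Subject: Password reset\n\nReply with your password.\n"),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, sender_findings(raw))
```

An empty result only means none of these clues fired; the From header can itself be forged, so mail-authentication results (SPF, DKIM, DMARC) remain a separate check.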

If you feel your organization is not doing enough or needs help in securing your network from potential threats like phishing emails, contact your service engineer and start a conversation about it. We are always here to help and want to work with you to ensure your digital work environment is safe.

Microsoft Exchange Server Zero-Day Exploit: Update Now!

Starting in early January 2021, another pandemic in the form of a zero-day exploit has been taking advantage of on-premise installations of Microsoft Exchange Server. Threat actors have been attacking business networks around the world as quickly as COVID-19 attacked our global health.

What is a zero-day exploit?

A zero-day exploit is when attackers find an unknown vulnerability in software or hardware and then leverage it before security teams detect it and create a defensive patch. It goes unnoticed until attackers send their ransom note.

In this recent zero-day exploit, attackers searched for and found vulnerabilities in Microsoft Exchange Servers that many businesses use on-premise. The attackers exploited these vulnerabilities to access emails and obtain long-term access to business networks. Once inside a network, they withdrew valuable data and stored it in their own cloud servers.

The four flaws in Microsoft Exchange Server

CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065

Stealing Passwords & Searching for Vulnerabilities

Cyber attackers usually get into networks by stealing passwords. But they sometimes get in by searching for vulnerabilities as in the case of this zero-day exploit. Firewalls and antivirus software don’t detect the infiltrators because they basically steal the digital identity of someone who should have access. They can then create remote access to control the server and steal data from the company’s network.

Their end goal is to steal information. They scramble the organization’s valuable data so the organization can no longer access it. Then they hold it for ransom. They may even destroy the network and data permanently.

National cybersecurity groups suspect a Chinese nation-state group, Hafnium, to be the source of these attacks. Microsoft engineers worked 24/7 to create the needed patches. They used out-of-band emergency patches. Out-of-band patches are fixes created and sent out immediately instead of waiting for the next scheduled update to issue them to the public. This means that Microsoft considered this threat to be very dangerous. All businesses should apply the update ASAP.

Hafnium’s Attack on Microsoft Exchange Server

Hafnium rents servers in the US even though the individuals themselves are based in China. They usually target organizations in the United States such as medical research organizations, law firms, universities, DoD contractors, and non-government organizations.

Even though this group is responsible for the initial exploits, there are many other bad actors that are moving in like vultures to take advantage of the situation.

Security Patches – Shields Up!

IT companies around the globe have been moving as quickly as possible to apply the updates and protect their clients.

The government department in charge of homeland cybersecurity reported worldwide exploitations. They have ordered all businesses and other organizations to apply Microsoft’s patches or disconnect email servers that are at risk. The direction has been to treat all organizations as if they have been compromised. If IT companies can’t find signs of the infiltration, they should disconnect the Exchange Server and rebuild it. Additionally, organizations should install and run security updates as an administrator as opposed to running them in normal mode. If you have made the mistake of doing this in normal mode, Outlook (for those who access it through their browser) and the Exchange Control Panel may stop functioning properly.

It has been a busy few months for our cybersecurity teams as well as others around the world.

One of the most important ways you can protect your technology is to keep it updated with patches and newer versions. This applies to all your computers, devices, machines, software, and servers. If you don’t keep them updated your vulnerability to cyberattacks increases.

Usually, Microsoft doesn’t provide patches for older versions of Exchange because businesses are responsible for keeping their technology patched and updated. But because of these global attacks, Microsoft has worked tirelessly to create more patches to protect those that still had older versions.

Give us a call if you need our help.

Read more about what’s been going on:

Emergency patch addresses MS Exchange Server zero-days

Mysterious Hades ransomware striking ‘big game’ enterprises

Microsoft Exchange attacks: Now Microsoft rushes out a patch for older versions of Exchange

What is a Zero-Day Exploit?

Is Your Business Network Vulnerable?

Is my business network vulnerable? That’s a question that keeps many business owners awake at night. Penetration tests for business networks often show that a network is most vulnerable from the inside. For example, it is not unusual for people to write down their passwords and put them on their desks. I see it all the time.

Awareness of Local Exploitation

It’s important to be aware of the fact that there are vulnerabilities that can be exploited locally by individuals with the intent to steal data or cripple a business. Some might pose as a repairman or janitor. Some might be dumpster diving searching for information like account numbers, contact names, and numbers. And they want to breach your business to access your data.

The Value of Your Data

Your company’s data is the meat on the bones. It’s the most vital part of your business. Everything but the data can be replaced. So, if hackers can access your network and take your data, that can be devastating to your business. Too many businesses don’t realize how crucial it is to have their servers and networking equipment physically secure with a locked door or cabinet.

My Experience with Business Network Vulnerability

In my previous experience, I performed work for a large business that worked with sensitive, protected data. I brought it to the attention of management that the building’s network had a physically exposed element that could have been exploited by a hacker posing as a repairman or janitor.

This is why I continue to encourage the clients I work with to secure their network.

The following article (and video) is a great resource to understand how businesses can increase their network security. In non-techy language, it explains the most common network vulnerabilities. It even includes things like shoulder surfing, tailgating, and dumpster diving.

Read the full article: Common Types Of Network Security Vulnerabilities In 2020

At Least Put a Lock on the Door

The above article says businesses should have biometric authentication (fingerprint or face recognition) and access cards to protect servers. While I agree with this one-hundred percent, it is better than nothing to at least have a lock on the door and managers holding the keys.

A Construction Company Gets Hammered by A Keylogger

Every business needs cybersecurity regardless of how small it is. This case study reported by the National Cybersecurity Alliance increases our awareness of this fact: The owner of a small family-owned construction company was notified that an unknown source initiated a $10K ACH transfer. They contacted the bank and learned that cybercriminals had made six transfers in one week from the company bank accounts, totaling $550K. How? Read the full story here. We are here to make sure you are protected from these kinds of attacks. Give us a call if you are in need of a free security assessment.


A Firewall Is Critical for Business Security

Having a reliable firewall is extremely important in today’s environment. In the first half of 2019, 59% of MSPs reported ransomware attacks on the companies they managed, according to a recent Datto Survey. The average ransom is $5,700. That is up 37% from the year before. You can see how essential it is to protect your server.

You must keep your guard up to keep nefarious actors out of your network. Your guard is your firewall. It protects your servers and infrastructure. There are many on the market and most are pretty good. Some last for years.

Keep Your Firewall Up to Date 

Keeping up with the latest technology is the best way to know which firewall to choose for your company. When researching, it’s important to know what you are doing because it can get pretty technical. Read the reviews and shop according to your budget. You should consider not only the purchase price but also the yearly services and support costs. Some businesses like the DIY option, but others prefer consulting with an IT Service company.

Fight Viruses & Hacking Exploits Floating Around in the Wild 

Maintaining a service subscription for your firewall will keep it up to date, which keeps your business safe from viruses and hacking exploits floating around in the wild. When you keep your subscription current, it will update your firewall with the latest version of firmware. Firmware is the software built into the firewall device that runs its components.

Prevent Business Operations Disruptions 

Support for your firewall allows you to call the manufacturer and talk to them about setup and repairs. If it has issues and you don’t have anyone who can log in and repair it, your Internet will go down. That disrupts your business operations, whether you’re working in the office or from home. This is happening more often than it should these days.

When Your Firewall Gets Too Old 

Your firewall is a critical piece of equipment. Keeping its support up to date is very important. Firewall companies only offer support for a certain period of time. After that period ends, you need to renew it. When the device gets too old, the manufacturer will no longer sell support for it. Once it fails, you will need to purchase a new one.

Without A Firewall for 30 Minutes – 699 Attacks 

Shipping times for new firewalls vary. You might have to wait for up to 3 days. That is a long time to go unprotected. We once tested what would happen to an Exchange server on the internet. It was password protected but had no firewall guard. Within 30 minutes, it was attacked 699 times by someone who was trying to hack through the passwords.

Understanding the importance of a firewall is paramount for a small business. If managed right, it will keep your confidential data safe from harm. We’re here to help you with that. Please give us a call to assess the state of your firewall. (844) 400-0616


Datto’s Global State of the Channel Ransomware Report 

Network Protection Best Practices – Maximize Your Value

Many small businesses don’t need an expensive complex data center to run their operations. But even with a small system, it is important to know about network protection best practices to maximize the value of your equipment.

Your network is composed of the interconnected computers, machines, and operations you use in your business processes to provide your clients with products and services. It includes hardware like your: 

  • Workstations 
  • Servers 
  • Switches 
  • Phones 
  • Access points 
  • Printers 
  • Firewall 
  • Routers 

There are some best practices you need to keep in mind to protect your company’s network and stored data. 

1. Create secure and clean spaces for network protection

Keep your server(s), switches, phone system, firewall, and router in either a locked room or in a locked cabinet. Keeping them away from accidental bumps, knock-overs, or spills is just as important as protecting them from a breach. I have seen people knock over server racks that were not secure. I have seen people store cleaning products over servers that eventually spilled on them. No one needs these kinds of expenses when they can easily be avoided.

2. Make sure these network spaces are well ventilated  

Choose spaces for your workstations, servers, and other network devices that are well ventilated. Heat is very hard on electronics, especially IT hardware. If you use enclosures, make sure they are well ventilated. Use containers with security screens, not those with sheer metal or wooden sides.  

3. Protect your network: connect it to an Uninterruptible Power Supply (UPS) 

Have a good business-type battery backup/Uninterruptible Power Supply (UPS). A basic home PC-type battery backup is not what you should be using on your server. Look for a Pure Sine Wave Device. Choose one that levels out the power as well as protects from surges. Dirty power that fluctuates constantly can be as hard on your equipment as power surges.  

4. Use Image-based backups for network protection 

Use an image-based backup, not just a data backup. An image-based backup will not only back up your data but also back up the operating system and its settings. If you have an image of the server, you can restore it much faster than if you only had a data backup. We are talking hours to restore, instead of days or weeks. If you are hit with ransomware which encrypts your data, you can wipe the server and restore the image quickly.

5. Back up your network locally and offsite to reduce rebuild time

Store backups locally and then offsite. If you only stream data to an online storage service, you can only retrieve it at the speed of the combined internet connections between their side and yours. I was working with a technician on a project once and he only backed up the data online and no image locally. They had a slow internet connection and only a data backup. It took about 2 days to rebuild the server internally with all the settings but then took over three weeks to stream the data from the storage service.  

6. Properly install firewalls to keep bad actors out without slowing business processes 

Use a firewall. They are not overly expensive to own. They keep bad actors out of your network. Have a professional install it so it doesn’t end up slowing down your business processes. You don’t want your firewall to get in the way of where you need to go. Most have content filters to keep your employees from going where they shouldn’t, which optimizes your productivity. 

These are some basic and best practices you should strive to engage in as a small business owner for network protection. None of them will break the bank. But neglecting them can eventually wreck you financially.  

Think ahead. Protect your network. The business you save will be your own. Schedule a free consultation with Joe if you’re in Utah or Fred if you’re in Idaho.

Cyberjacking – Security Alert

Cyberjacking, more commonly called cryptojacking, has become a major problem for networks around the world. It is one of the top cybersecurity problems today. The term means hackers access your servers or workstations like parasites and use your processing power to mine cryptocurrency. This exploit can be detrimental to your network and production. Because it uses your processing power, it slows down your network. A slow network decreases your productivity.

This hack is difficult to detect and even more difficult to eradicate. It rewrites your server software and deeply embeds itself into your network. The best way to combat this type of malware is to wipe your server clean and restore from your image backups. That takes time and money.  

In one instance, I saw this attack come in through an email inside a PDF-looking document. When we investigated, the software was embedded inside a font. When an employee clicked and opened the file, the malware downloaded to the company’s network. Once running inside their system, it used the processor as part of their bitcoin mining operation. Servers keep logs of incoming and outgoing traffic. The cyberjacking malware erased these logs every minute to cover its tracks. It took over 2 ½ days to stop the attack and mitigate the damage. 

Protect your business from cyberjacking

It is important to protect your business from these kinds of parasitic attacks.

  1. Keep your firewall up to date with the latest virus and malware signatures.
  2. Protect your email with filters either in Microsoft 365 or with another filtering service before it hits your onsite Exchange.
  3. Train your employees not to click on items originating from an unknown source.
  4. Train them to validate even a trusted source to make sure requests for financial or confidential data transfers are genuine.

Your due diligence is what keeps you safe. Give us a call for a network security checkup. Our service engineers are well versed on keeping your network secure.

This article on achieving PCI Compliance is also about increasing your cybersecurity in general: So You Want To Achieve PCI Compliance? Shields Up!

So You Want To Achieve PCI Compliance? Shields Up!

If your company accepts credit card payments, you know about PCI Compliance. Your network and system shields need to be up and secure when you handle your clients’ credit card information. Cybercriminals are always looking for ways to get past your shields.

The COVID-19 pandemic has pushed many businesses into increasing online and over-the-phone payment systems. While the virus is infiltrating our physical shields, criminals are seeking to infiltrate our digital shields. The pandemic has triggered the largest cybersecurity threat that we have ever experienced.*

When Shields Are Compromised

475%

Increase in malicious reports of cyberattacks related to the virus at the onset of the pandemic.*

41%

Of small businesses that have been breached paid more than $50,000 for resolution.*

60%

Of SMBs that suffer a data breach go out of business within six months.*

Just like we’re all putting our shields up by wearing masks and trying to social distance, we need to make sure we are shielding our systems and valuable data from the 4.57 billion people on the Internet (statista.com). (Can you see how this makes doing business with each other so difficult?)

These stats show why it is important to make sure your business is cyber-safe. Here are a few PCI DSS (Payment Card Industry Data Security Standards) tips to strengthen your shields and business continuity.

Achieve PCI Compliance by using strong passwords

Just like we have locks and keys to our homes, we need to have locks and keys on our network and systems. Create longer passwords with a mix of letters, numbers, and other characters (%$*&!@(). And change them often.

Read more about passwords and MFA

Patch your software

Make sure your IT service company keeps your software patched and up to date. Patching is fixing, improving, or updating a program with bugs or other security issues. Just like we strengthen our bodies with eating and exercise to prevent disease, your IT company strengthens your software applications with patches to prevent data breaches.

Encrypt all payment card data

Encryption creates another type of shield between the billions of people on the Internet and our data. Digitally scrambling data creates barriers that cannot be penetrated unless a user has the key. Selective shields, boundaries, locked doors, barriers, and walls are good. Sometimes they are a pain, but they are needed to sustain our physical and digital lives. And they are needed for PCI Compliance.

Remote access to your systems should be secure

Shields up! Our bodies stay healthy by having selective boundaries that keep some things out but allow other things in. Similarly, your business needs boundaries around your network. You want your vendors, employees, and customers to access your system from their businesses, homes, and mobile devices. Viruses and cybercriminals target these access points. Your IT service company should make sure your associates are using strong passwords and multi-factor authentication before your system lets them in.

Firewalls Are A Big Part of PCI Compliance

Shields up! Make sure your IT company has a firewall shielding your network from the Internet. This is like a cell wall that monitors all incoming and outgoing substances. Many of these substances have to have special keys to get in. A competent IT company will configure a strong firewall for your business among multiple other layers of shields.

Beware of phishing email

True to viruses in nature, hackers are evolving. Their attacks are more deceptive. They send emails that appear completely legit. If you haven’t expected a request for confidential data or information, don’t hand it over until you call and verify first. Your ability to differentiate is another layer of security.

For Compliance, Your partners should also be secure

We all know how easily the COVID-19 virus has spread. The same thing is true of digital viruses. If your partners are hacked, you could be too. The hackers can get into your system via the same portal your partners use to enter it.

Cybercriminals are always looking for ways to get past your shields. If you work with e-commerce, your shields need to be strong and secure to achieve PCI Compliance. But whatever your business, let’s work together to keep our clients, partners, and businesses safe.

Schedule a free security risk assessment with either Joe Nice in Utah or Fred Bauerfeld in Idaho

*Stats from: PCI Security Standards Council, U.S. Securities and Exchange Commission, and Panda Security

Managed Services Provider: Choosing Reliable IT Services

As a Managed Services Provider, we know that your business runs on information. We also know that you need top-notch cybersecurity to protect it. While you’re busy growing your business, you need someone to manage your technology. And you’ve got a lot to manage – cloud services, software applications, vendors, network, multiple computing devices, servers, switches, and storage. Without someone keeping a 24/7 watch on these assets, your business is vulnerable to security breaches.

The following image is a screenshot of the SonicWall Security Center. This website monitors real-time cyberattacks. Click on the link to see how many attacks are happening right now. Security breaches are constantly bombarding organizations like yours. Bad actors are always searching for a chink in your armor.

A Reliable Managed Services Provider’s (MSP’s) goal is to keep your business and data secure while maintaining an efficient technology environment. MSPs do this by managing your cloud services and overseeing your daily IT needs. They provide you with the technical support and security you rely on to keep up with the fast-paced, automated business world.

IT Management is a full-time job

You may have a difficult time effectively managing your business IT operations and cloud services on your own. Computer technology is an industry that is constantly iterating to increase speed and safety while minimizing cost. Consequently, many companies hire a variety of third-party services to run their business operations. These services should work together compatibly, but that’s hard to accomplish when they are constantly evolving.

A Managed IT Services Provider manages your interconnected web of services for you. Certified technicians work full-time overseeing your IT ecosystem to ensure it runs optimally. They free you up to focus on what you do best. An optimized technology environment maintains the highest degree of protection against security breaches.

If you are thinking about hiring an MSP, consider how the following benefits increase your cybersecurity:

1. A Managed Services Provider reduces costs & prevents security breaches

For small- to medium-sized businesses, it is less expensive to hire an MSP than staff a full-time IT department. When your IT services are affordable, you can maintain the network optimization required for cybersecurity.

2. A Managed Services Provider offers predictable, recurring monthly costs

An MSP has the flexibility to adapt their services to your business needs. You don’t pay for more or less than you need. Once the right fit is found, you pay a consistent monthly bill. When you know how much to budget for, your IT services are a no-brainer. You don’t have to constantly worry about a new and unexpected bill when something happens. With consistent service, your productivity and cybersecurity remain optimal.

3. Choosing an MSP maximizes hardware & software life

MSPs work to keep your technology current. They monitor the age of your computer devices and software applications. Most of us don’t like having to pay for new equipment when what we have is still perfectly functional. But when our computers and software cross into the land of the dinosaurs, they become inefficient. Outdated machines and software are a security risk.

A trustworthy MSP knows when to patch and maintain what you already have, and when it’s time to upgrade. Keeping your technology up to date keeps your defenses strong against cyberattacks.

As a Managed Services Provider, we know that you primarily need us to keep your network securely running at peak efficiency. Lagging computer and internet speeds are your nemesis. Our goal is to maximize your cybersecurity while increasing your productivity. We strive to do that at reasonable costs. Schedule a free consultation with Joe if you’re in Utah or Fred if you’re in Idaho.

Curiosity Killed the Network

One of a technician’s biggest fears is user Curiosity. Curiosity has been the culprit of a number of major successful cyberattacks on unsuspecting companies. It is the reason you might click on a link in an email sent from an unknown source. It’s the reason you might follow a rabbit hole of links to unsafe sites on the internet. Curiosity is also the reason you might click on a random link at the bottom of an unfamiliar website.

To keep your company’s network and confidential data secure, you and your employees should be aware that cybercriminals attempt to trick you by appealing to your Curiosity. One of their little-known tricks is scattering USB drives in conspicuous places such as the parking lots of targeted companies.

Curiosity May Increase Your Organization’s Security Risk

Researchers performed the following experiment to test how risky yielding to our Curiosity can be.

A few major organizations got together to conduct a study:

  • The University of Illinois Urbana-Champaign
  • Google
  • The University of Michigan

In the study, they tested how the Curiosity factor can affect a company’s cybersecurity. They scattered 297 USB drives around the Urbana-Champaign campus. On the drives, they installed software that mimicked malware. When some Curious soul opened one of the files on the drive, it didn’t infect the computer with a virus. But it alerted the researchers that it had been opened and then sent them the location of the computer.

48% of the drives were plugged into computers!

Read the whole story here: Story of the USB Drive Study

The DOD Infiltrated Via Thumb Drive

If you think that’s crazy, listen to this: One of the worst cyber-attacks on the U.S. military in history occurred in 2008-09. It happened at one of the Department of Defense’s (DOD’s) Middle East bases. Someone inserted a thumb drive they found in a parking lot into a computer. It was like a worm that infected the entire network and went without detection.

“Once in place, the malicious code began to ‘beacon’ out to its creator, letting whoever created it know that it was in place and ready for further instructions. That’s the only way analysts from the NSA’s Advanced Networks Operations team noticed it was there.” – Blake Stilwell, We Are the Mighty, The worst cyber attack in DoD history came from a USB drive found in a parking lot

14 Months to Wipe It Out of Their Network

It took them 14 months to wipe it out of their network. When they realized what had infected their systems, one of their first responses was to ban thumb drives. They gathered thumb drives from military personnel and found they were all infected. As of the date of this article, no one has ever found out the identity of the hackers or how much information they stole.

“The effort was so intense and deliberate that it led to the creation of the 11th military unified command – The U.S. Cyber Command.” -ibid

If your Curiosity is piqued when you’re online, when you’re reading an email, when you find a thumb drive, or even when you receive an email or phone call from a known source, err on the side of caution. Choose to be more Curious about cybersecurity. The network it saves might be your own.

Call us and talk to Fred (Idaho) or Joe (Utah) to set up a free security assessment: (844) 400-0616.

Cybersecurity and Cloud Storage

I was managing a company’s network as their Managed Service Provider when we received a call that a folder with many of their files was missing in their online Microsoft 365 SharePoint. We investigated the issue and found that none of their files had been nefariously deleted. We also determined there hadn’t been anyone trying to hack into the system and steal their data. Yet, it remained a fact that their files were missing.

We continued our detective work, checking if any credentials had been changed, but everything seemed in order. No one from outside had accessed their network.

Accidentally Deleted or Moved

Finally, one of our technicians had a hunch that a current employee might have accidentally deleted or moved the file. After a little more investigation, we indeed found that had occurred. When an employee was moving his mouse across the screen, he had accidentally grabbed a file folder and dropped it into another folder. It had been difficult to solve this case, but with some very good detective work, we were able to restore the file folder to its original location.

Data Security & The Human Component

After this experience, I started thinking more about data security in the cloud. Even though large file service companies like Microsoft 365 have very secure cloud storage, what about the end-user – the human component? What happens when someone deletes the wrong file by mistake? How often does this happen? While most of these cases are accidental, what happens when an unhappy employee, who thinks they have nothing to lose, decides to take out their company’s file repository? Could the company recover the data – its forms, spreadsheets, and intellectual property?

Data Retention & Backup

Fortunately, Microsoft 365 has a retention policy that your company can use. It is good for up to 93 days. That’s a really good start, but in some cases, it may not be enough. Your MSP should have a service to back up your Microsoft 365 OneDrive and SharePoint. This is a great way to ensure you never lose your data, either to a mistake or to a disgruntled employee. The backup service your IT company can set up for you is automatic. It’s one of those “set it and forget it” programs, although it should be tested periodically. If you have Microsoft 365 or a similar service for storing documents in the cloud, consider incorporating this service into your network. It just might save the day for your business down the road.

For help with cybersecurity and data backup, schedule a free consultation with Integrinet IT.

Are You HIPAA IT Compliant?

Did you know that on the Dark Web, medical records sell for more than credit card data?

If you are a health services organization, you know your biggest cybersecurity worry is to keep your ePHI secure. Most breaches happen because the devices you use have not been encrypted, one of your employees clicks on a nefarious link in an email, or someone inadvertently downloads malware into your systems.

Encryption Is the New Standard

HIPAA IT standards are the gold standard of cybersecurity in the health service industry. As your organization strives to be in compliance, start with encrypting as much of your data as possible. At the very least, make sure you have passwords on all your computers and mobile devices. Implement Multifactor Authentication to protect your users’ login credentials.

The encryption process converts your data to an unreadable and unstable state. If unauthorized users broke into your network, your email, or your devices, they would not be able to make any sense of it. The only way the encrypted data can be read is with a security key. With this key, the computer will convert the data back into a readable and stable state.

All emails containing ePHI that are sent outside of your firewall need to be encrypted. Additionally, they should be saved in a secure and encrypted archive for at least six years.

Web Content Filter

It’s important to have your managed services provider install a web content filter, which blocks inappropriate and dangerous content as well as cyber criminals who are waiting to steal passwords to your records and databases.

Automatic Log-off

Your service engineer should also help you set up automatic log-off of your PCs and mobile devices. When your authorized personnel have stopped using their computers for a specific amount of time, the computers automatically log out. It is so easy to forget to log out when stepping away from the workstation. This program is a smart and easy backup to use to increase your cybersecurity.

HIPAA Checklist

Your medical office has to be aware of the IT portion of the HIPAA checklist. You need to make sure you can check every box. Your managed services provider should perform regular assessments that identify the risks in all systems your business uses to “touch” your ePHI. This includes your:

  • Network
  • Servers
  • Switches
  • Computers
  • Mobile Devices
  • Software
  • Phone Systems
  • Cloud Accounts (Email, Storage, etc.)

24/7 Remote Monitoring

To be HIPAA IT compliant, your IT company must be remotely monitoring your systems 24/7. They should be analyzing your logs regularly. They should be able to detect unauthorized access by existing employees.

A good managed services provider should know what it means to be HIPAA IT compliant. It should actively monitor your firewall ports and know which ones are usually attacked. If you have employees working from home, your service engineers should ensure that your VPN tunnel is set up and secure. They should have the ability to sniff out all the security issues your specific practice faces.

Due Diligence

If your healthcare organization is in the middle of striving for due diligence to the HIPAA standards and needs an IT company that knows how to help you reach compliance, schedule a free consultation with Joe Nice (Utah) or Fred Bauerfeld (Idaho) at Integrinet IT.

Call (844) 400-0616

Choose “Sales” from the menu to talk to Joe or Fred.

Read more about HIPAA Compliance:

HIPAA Compliance Checklist

Summary of the HIPAA Privacy Rules by the United States Department of Health & Human Services

Powered by Integrinet IT | © Integrinet IT 1998 - 2021