Posts

In the past, I have talked about the Mobile Security Threats that You NEED to Know About and I also shared some tips on What You Can Do to Avoid Mobile Security Threats?

For this blog post, I will focus on the most common network security threats. Let’s all face it; the Internet connects us in a convenient way, breaking geographical boundaries. However, it also brings us closer to various threats.

Like most companies, your business probably manages loads of data on a daily basis. According to the 2017 Cost of Data Breach Study: Global Overview, data breach could happen in 1 out of 4 companies. You could be the next victim!

In 2017, the average cost of a data breach is $3.62 million. With the advancements in technology, it is safe to say the costs keep getting higher and higher each year. The good news is that you can do something to prevent data breach.

Network Security Threats

First, let us discuss the network security threats your company face. Here are the most common threats:

Now that you know the numerous network security threats, the question is… how do you protect your business data?

4 Tips in Protect Your Company

These are the 4 ways you can improve on your company’s overall network security.

  1. Strengthen the Access Control

  • Outsiders can access your data because of weak security. Therefore, strengthen the control measures by applying strong passwords.
  • Follow the basic password guidelines such using a combination of letters, numbers, and special characters. Next, passwords should not be as short as possible. In fact, the longer, the better.
  • Lastly, never use default passwords. Reset them so that you can create a unique password instead.
  1. Remember to Update Your Software

  • Updates are important to your network’s health. That is why people can access your network because of its outdated state. So, keep everything current from your antivirus to your operating systems.
  • The updates are there to fix the previous issues such as potential vulnerability. So, embrace these updates to maintain a secure wall of defense.
  1. Set a Uniform Software

  • Your company should use one standard tool to isolate attack. What I mean here is that your employees should not use any browser they like. For instance, computers are installed with Firefox plus some privacy add-ons. Then, here goes one employee installing Chrome without approval. This cannot be!
  • Make sure the computers all have the same: operating system, web browser, extensions, multimedia player, and so on.
  1. Conduct an Employee Training

  • External threats can happen because of an internal flaw. An employee could have indirectly given away or hinted a password. So, make sure your employees understand the fundamentals of network security.
  • All of them should know what is risky (and what is not) to your network. This is to avoid unnecessarily comprising the security protocol. Give a security training at least once a year to keep your employees updated about the recent trends.

A Dependable Company for Your Cybersecurity Needs

There are team of experts willing to help you have the proper network security. For all your I.T. needs, Omnipotech is the name you can trust. Contact Omnipotech Support Center now to learn more about the cybersecurity solutions that we provide. The number to call is 281-768-4800!

 

Malware is a short term for malicious software. Typically, this software is made to gain access or to damage a computer. This usually happens without the permission and knowledge of the owner.

These malicious codes will creep in a device, and a malware can manifest in many forms such as adware, spyware, worms, viruses and Trojan horses. I have discussed these in a separate post. (See: Mobile Security Threats that You NEED to Know About)

Generally, malware can take many forms, and it depends on the intent of the creator. The number of malware infection is on a steady rise because of the profitable income to be gained in engaging in Internet crime.

Originally, malware started out as a way to prank and experiment. Eventually, its purpose shifted towards the ruin and slaughter of such devices. Now, most malware out there is made to profit from ads, to steal private data, to spread spam messages and emails, and to extort money.

Some may not harm but steal your personal data

Like adware, spyware is made to gather data about you. This is why spywares go hand in hand with adware in order to deliver an advertisement that’s pretty hard to resist. Where there is adware, there is most probably a spyware.

A spyware may not straightforwardly harm your computer. However, spyware can secretly monitor what you do on your computer. These spywares can know confidential information like your account number, your username, your password, and other personal details that only YOU should know about.

What makes you vulnerable to malware attacks?

There are numerous factors that make computers vulnerable to such attacks. A series of chain reaction can trigger when one takes advantage of the flaws of a computer’s operation system. Then,  when an infected computer is on same network with the other computers, this could lead to a domino effect. Thus, all it really takes is infecting on computer. Since Windows is the most common OS, there more malware attacks that target the operating system.

The best protection against malware.

Whether it is a ransomware, spyware, adware, or whatever kind, always be cautious. Follow these important pointers:

  1. Be careful when opening email messages especially if there are attachments that come with it,
  2. Stay away from incredulous websites, and do not believe everything you read on the web.
  3. Don’t click everything you see, and maintain caution when browsing.
  4. Lastly, install a trusted antivirus program, and keep it updated at all times.
  5. More tips discussed on What You Can Do to Avoid Mobile Security Threats?

Do something about your cybersecurity!

Above all else, I personally believe that cybersecurity should come first. In this digital era, we should all take steps that will help boost privacy. This is particularly important if you manage or own a business.

Once your devices are comprised, third party companies can get hold of your information and the information of your clients. Omnipotech can help you in improving your company’s overall online security. For more information about cybersecurity and the services we offer, kindly contact Omnipotech Support Center or you may call Omnipotech at 281-768-4800!

According to Symantec’s 2018 Internet Security Threat Report, the different mobile malware types increased by 54% from 2016 to 2017. Yes, in one year, it doubled.

Wait, there’s more.

Once a mobile malware gets into your phone, the other devices connected to your phone might be the next target. In a series of connected devices, the capacity of your online security will be only as good as your weakest link. So, malware can easily spread from a phone to a tablet and then to another device through the network.

In this blog post, I will list the rampant mobile security threats lurking around.

1. Madware and Spyware

First, you have to be careful about madware; since this article focuses on mobile threats, we aren’t dealing with the typical adware here.

Mobile adware (madware) is a program installed on your phone, usually done without your permission.

What does it do? A madware acquires your data for ad purposes. This way, companies can accurate target you with ads that are accordant with your own interests and hobbies.

It does not end there. Once there are madwares to target you with ads, it comes with a spyware. A spyware, like the name suggests, spies you. It will study on how you use the internet, collects all these information, and then, sends it to a third party.

Generally, companies buy this data of yours and they use these data for better ad targeting. Companies show you ads, you click, they spy, send you more ads, you click again, and so on. The cycle continues!

To be honest, the ads you see are the least of your concerns. When it comes to spyware, the alarming part is that your personal information collected. This means that your location, your internet usage, and your mobile contacts are all compromised. So, you see, it’s not just you exposed to mobile threats, but also every contact listed on your phone.

2. Drive-by Downloads

Drive-by downloads are those malwares installed on your mobile without any permission. This could happen when access the wrong website or open a malicious email. Then, without you knowing, a drive-by download will install something on your mobile device.

What will it do? The file it will install could be anything. That’s the danger of it! Perhaps, a madwaremalware or spyware. It could even be a bot that could potentially use your phone to do nasty things!

More will be discussed on Mobile Security Threats that You NEED to Know About (Part 2)

Time to take action!

Cybersecurity is important and you should not take it lightly. For a business establishments, the stakes are higher.

It’s a domino effect; once you are compromised, your clients will be as well. Third party companies could get a hold of your business transactions, banking information, and even the details of your clients.

Omnipotech is here to help you in strengthening your company’s overall security. Contact Omnipotech Support Center to know about the services we do such as cloud computing, IT consulting, and other IT services. For more information, you may call Omnipotech at 281-768-4800!

In Beware of Coronavirus Scams and Other Related Malicious Sites, I made you aware of the phishing tactics spreading around the internet lately. I made sure that I would allocate a specific post regarding the protection against these online threats. Wether you admit it or not, there will be people using this global pandemic to their advantage. These cybercriminals don’t just go for healthcare institutions, but they also target your personal banking details.

Generally, cybercriminals don’t just spread threats online, but they have the audacity of going through your very homes. In fact, CNN posted an article about criminals that are posing as government authorities to scam people.

Protection Against Coronavirus Phishing Sites

As mere users, what can you do to avoid phishing scams? More importantly, if you own a business, what can you do to help your employees fall for these schemes?

  • Knowledge IS Power.

First, you have to inform everyone you know about COVID-19 so they won’t carelessly look for information elsewhere. Others may not be as well-versed as you are so keep them away from any threats by sharing the knowledge you know.

  • Only Share Official Websites.

Next, you have to stop speculating. The internet is full of conspiracy theories about the coronavirus. We all have to deal with this as a team and now is NOT the time to insist on your personal opinions. COVID-19 is a health emergency. Having said that, believe what the doctors and medical experts are saying. They are the most reputable sources of information today; don’t go sharing what you read on Facebook without verifying anything.

To help you get started, you can visit these websites:

  • Conduct a Quick Cyber Awareness Training.

Since this global pandemic has change the landscape of our workforce, it’s also timely to make them aware of the threats proliferating online. The virus we are fighting isn’t just found outside, but there’s also a threat spreading online. Phishing emails can endanger businesses as well. Teach all your employees on how to spot suspicious websites and emails, which are used to steal information. Most importantly, use pro-privacy tools even when one is using a shared computer at home.

In order to avoid to fall victim on these malicious email and sites, please read the following articles on cybersecurity.

  • Before Doing Anything, Verify First.

Lastly, don’t believe everything you read online. Verify all the information you have gathered. If you know a doctor or a nurse, you ask them first. Don’t spread unnecessary fear about the coronavirus.

Also, don’t immediately perform tasks which require you to supply sensitive information such as money transfers or signing documents. For instance, an employee got an email that he or she should transfer money immediately because a supervisor or an executive is not available at this time. Inform all your employees to:

  • Examine carefully all the emails they get. Check where the email is from, the email address used, the domain name of the email. Make sure everything matches with the information that they have!
  • As much as possible, verify through a phone call or through internal communication about the task especially if it entails money and classified information.
  • Never reply to those phishing emails and delete them right away!

As the number of Coronavirus Disease 2019 ( or COVID-19) cases rapidly increase throughout the world, there are also a growing number of Coronavirus websites proliferating. At every corner of the internet, you could see websites popping up getting email addresses and personal user information. Sadly, these websites only bring more harm than good. Thus, it is important to filter the information that come your way. Don’t be fooled by other websites and only believe data from verified outlets. For reliable information, you can visit the  Public Health Emergency, Centers for Disease Control, and The New York Times.

Now, more than ever, is not the time to spread malicious websites. The Health Sector Cybersecurity Coordination Center warns the netizens about a malicious website that’s not only fake, but it is also a malware. Worse, most users are unsuspecting of this because they just want to learn and get updates about COVID-19.

Undeniably, cybercriminals are using this global pandemic for their personal gains. Now is the time to be alert of the coronavirus spread, but also of the people taking advantage of new disease. The threat online is also as important the threat we experience in the real world. So, let’s dissect the phishing websites spreading online? What are the tactics they use to scam people?

A Fake COVID-19 Tracker

In any disaster, often times, people rely on the internet to get the new information. That’s why cybercriminals aim to replicate real and actual sites, making them seem harmless. What do they do exactly? They come up with a fake live tracker.

corona-virus-map[dot]com, a phishing website, seems to be the real deal when you look at it. Please don’t even try visiting the said site! I am not linking it here; this is just to make people aware that such fake tracking map exists. COVID-19 is already a serious threat as it is, and now, this fake website is only making thing worse. The phishing website is said to impersonate an actual health organization called John’s Hopkins University. Upon visiting the said site, the website visitors will infect with a trojan, and this AZORult trojan will steal information from the unsuspecting visitors. The information gathered can be used for cybercrimes and even theft.

More Coronavirus Domains

According to the security firm CheckPoint.com,

Since January 2020, based on Check Point Threat Intelligence, there have been over 4,000 coronavirus-related domains registered globally. Out of these websites, 3% were found to be malicious and an additional 5% are suspicious. Coronavirus- related domains are 50% more likely to be malicious than other domains registered at the same period.

COVID-19 Related Cybercrimes

More and more news articles pertaining to the coronavirus are being published each day. In fact, CheckPoint.com even reported that legitimate sites such as CNN and Financial Times have more than 1,200 articles and 1,100 articles about the coronavirus respectively.

Ever since the World Health Organiztion categorized COVID-19 a global pandemic, numerous COVID-19 themed websites are popping up. Other malicious websites spread through different means like:

  • sending malicious links online,
  • attaching shady links on emails,
  • spreading through online ads, and other portals on social media.

So, everyone should be aware on how cybersecurity threats can spread. Don’t just be cautious over this new corona-virus-map[dot]com site, but also be careful on the links and emails you click when you browse for new information about the coronavirus. Read helpful on 4 Tips in Protecting Yourself from Coronavirus Phishing Sites

 

SOURCE: (1)

By 2021, Cybersecurity Ventures estimated that the cost of cybercrime damages would be $6 trillion, an increase from $3 trillion in 2015’s forecast.

Huge companies aren’t the only ones at stake here. In Verizon’s 2019 Data Breach Investigations Report, they revealed that 43% of the cyber threats involved small businesses. The worst part? Cyberattacks continue to flourish, and according to the insurance provider Hiscox, businesses would roughly need $200,000 to combat it. In this blog post, we will discuss the top 4 trends impacting cybersecurity in 2020.

Mobile Malware

  • According to ZDnet.com, mobile malware was the most common threat last year. This is not a surprise, knowing that mobile users are continuing to rise. In fact, Statista predicts that there will be around 3.5 billion smartphone users worldwide by 2020. With these numbers expected to continually increase, malware attack would be a growing problem for many.
  • One of the popular types would be banking malware. Hackers everywhere are developing apps that would pretend as the real deal when, in fact, these aren’t legitimate apps.
  • In 2015, there were already over 1.6 million malicious installations designed to creep in mobile devices and collecting personal data such as bank information, password, and other login details.
  • Kaspersky Lab found a wide array of 30,000 banking-based malware, which were targeting 312,235 users. Mobile malware grew in numbers and, likewise, grew in landscape. You see, in 2018, banking trojan malwares were only part of the 1.85% of all the mobile attacks. However, as earlier as the first quarter of 2019, banking malware was already the culprit of 3.24% mobile threats.
  • Not only that, Kaspersky Lab also found out that Asacub, a specific malware that affects 58.4% of all banking attacks, was trying to infiltrate the mobile devices of 8,200 users each day. That’s just in 2019 alone!

Security in Cloud Computing

  • Everyone is moving to cloud computing. Many businesses opted to migrate to an online store instead of maintaining a brick and mortar store. Perhaps, they would want to tap a different demographic, or they simply want to start anew. However, businesses on the cloud are susceptible to data breaches.
  • Without understanding the solutions of these cloud computing tools, businesses could be vulnerable to threats. Big-time players in the business world – the popular streaming service Netflix, and the American multinational automaker Ford Motor Company – were not safe from such large-scale threats. A cloud backup provider hired by these companies exposed their data storage repository out in the open.

The Use of Automated Tools

  • As technologies continue to evolve, it’s not only the businesses that adapt. Attackers cope with it too! Cybercriminals are also keeping up with the changing times through the use of automated tools. With such tools, it’s easy to evade security measures and manage to steal.
  • In 2019, the Sophos MTR Team has uncovered that the cybercriminals have been automating their attacks in order to stealthily gain initial access. Once they have officially compromised the environment, they will shift to using traditional methods in order to identify crucial information such as the data vault, the backup servers, and other relevant files.
  • They continue to survey the environment until such a time that the attackers, eventually, mimic the style and behavior of the legitimate administrator. Businesses would not even notice such suspicious activity because it seems part of the normal and everyday routine.