What is cybersecurity and how does it work?
How will cybersecurity help protect you?
To make it difficult for criminals to have problems or at least to make it difficult for them to commit their crimes, security professionals have decided to implement a series of measures.
• First, they use software that complies with all security standards, and they also use cryptographic and data encryption techniques to protect the information they have.
• They use network surveillance and even establish perimeter security networks that protect data under two or more levels of cyber barriers.
• It is necessary to have intrusion detection systems, antivirus, or the famous firewalls.
These are usually simple or really complex depending on the importance of the information.
Along with these measures and many more, there are cybersecurity experts who use tools that are much more basic than the previous ones but are equally effective in preserving information.
Sometimes even those who are operating with that data may not be able to see it in its entirety. This is so that they never have the complete information and can modify or filter it.
Protecting identities is not up to individuals alone. Businesses that have personally identifiable information for their employees and clients on their networks, must also make sure they are taking every precaution to protect other’s identities.
In conclusion, today I wanted to explain a little bit about where cybersecurity was going, what it was, and why it is so important today to hire a good cybersecurity service, as the one we offer at Applied Technology Group.
TO UPGRADE OR NOT TO UPGRADE?
SHOULD YOU GET RID OF WINDOWS 7 AND SERVER 2008? WHAT IF YOU DON’T SWITCH?
On January 14, 2020, Microsoft will end its support for Windows 7 and Server 2008. But just because you can continue to use Windows 7 after the end of life date, it doesn’t mean you should. Businesses who rely on technology to keep them running are proactively upgrading their Windows environment to avoid downtime, user issues, poorer functionality and increased security vulnerabilities.
Businesses who remain on Windows 7 and Server 2008 will be left behind with:
- No technical support
- No software updates
- No security updates
Businesses who do not upgrade might think they are saving some money now, but may have a far bigger and more expensive problems coming.
Windows 7 end of life countdown:
END OF LIFE IS COMING.
Don’t get caught without support. Update your operating system and server before time runs out for Windows 7 and Server 2008.
WHAT DOES THIS MEAN FOR SECURITY?
Procrastinating the upgrade will leave your company’s systems weak and vulnerable to data breaches, liability issues and other cyber threats. Any new vulnerabilities will remain vulnerable. Operating systems and servers need to be continually updated to stay secure. Without updates, patches, and bug fixes, your environment will be exposed to cybercriminals who will exploit vulnerabilities.
Not upgrading your Windows environment will expose your company to external threats. Hackers are waiting for companies who don’t migrate from Windows 7 after the end of life date and are no longer supported or secure. Don’t be tempted to try to save a bit of money and be at risk for a situation that is preventable… because it could end up costing an unpredictable amount!
WHAT DO YOU NEED TO DO? MAKE PLANS TO UPGRADE FROM WINDOWS 7 AND SERVER 2008.
You now know that Windows 7 and Server 2008 will not be a safe product to use after January 14, 2020. If you haven’t already done so, it’s time to start preparing your business to get upgraded. For businesses, we recommend using an IT professional, like us, to ensure everything is working properly and upgraded correctly.
- Develop a budget & plan to replace or update your computers and servers before 2020.
- Call us for an inventory evaluation.
- Act now…time is moving fast and we want to help you before it’s too late.
If you don’t know where to start, we’re here to help. As a trusted technology adviser, we are actively helping companies upgrade their Windows environment with a seamless process and affordable rates to accommodate their budget and time frame. Contact us today to see how we can help you transition your Windows environment to be more secure and better protect your business.
Credential Stealer – An attacker will make a convincing clone of an existing webpage such as a Google account login screen or Facebook login screen. The idea behind this clone of a webpage is to have a victim enter their credentials (username/password) giving the attacker access to their account. Some popular examples of this attack are account verification, sharing files on the cloud, and package delivery. All of them revolve around receiving an email marked with apparently legitimate indications it is from a real company or organization such as Amazon, Google, or UPS. All 3 examples share the same purpose of luring you to enter your login information giving access to the hackers.
Malicious attachments – In our Increasingly technology-based world, it is more likely that companies you use regularly will contact you via email. Examples such as your bank, Google, or even your anti-virus service providers. This gives hackers a whole new opportunity to attack you based on specific services you use. Hackers create emails nearly identical to the ‘Credential Stealer’ emails, with one major difference: They come with a malicious attachment. These attachments may include fake reviews of your recent bank activity. Once you click to the see your bank activity in this malicious attachment your computer can be infected with viruses or malware.
Vishing – Refers to phishing done over phone calls. Since voice is used for this type of phishing, it is called vishing → voice + phishing = vishing.
Smishing – The user is targeted by using an SMS (short message service) alert.
Search engine phishing – Refers to the creation of a fake webpage for targeting specific keywords and waiting for the searcher to land on the fake webpage.
Spear Phishing – Unlike traditional phishing, which involves sending emails to millions of unknown users, spear phishing is typically targeted in nature, and the emails are carefully designed to target a particular user.
Whaling – Similar to spear phishing, expect whaling targets a more specific and confined group. Whaling is more focused on “landing the whale” and targeting higher level executives, while with spear phishing anyone from the top or the bottom of the company is at risk.
The most significant thing you can do to ensure your business is taking the correct steps against phishing attacks is working with a trusted MSP. With how impossible it may seem to stay up-to-date with threats regarding technology is where your MSP should step in and be your knowledgebase for technology. Phishing prevention and protection requires a multi-layered solution. A full stacked solution can consist of a plethora of things such as scans, phishing tests, monitoring, and much more. These solutions can be custom tailored to fit your business as no business is 100% the same as another. Phishing hackers won’t care whether you are a small or large business. They will target their victims without discrimination.
Like any other security risk, it’s better to act proactively to phishing rather than reactively. Contact us today at (260) 482-2844 to begin the process of tailoring a solution specifically for you.
1. Discovery – An initial meeting to learn more about your organization and what you do.
2. Assessment – Our engineers examine your network and policies to learn how to best project you.
3. Implementation – We deploy our solution designed specifically for your organization followed by exceptional ongoing service.
Thank you for reading!
Preethi. “14 Types of Phishing Attacks That IT Administrators Should Watch For.” SysCloud Blog, 8 Jan. 2019, blog.syscloud.com/types-of-phishing/.
Slavin, Brad. “Top Phishing Email Attacks Worldwide in 2018.” DuoCircle, 12 Feb. 2019, www.duocircle.com/phishing-protection/top-phishing-email-attacks-worldwide-in-2018.
Wright, Jordan. “The Trouble with Phishing.” Duo.com, Duo Security , 2016.
Click below for part 1 on Phishing
Network security’s importance continues to grow with the ever-evolving technology industry. Ensure your network is secure ahead-of-time instead of waiting until disaster strikes. Protecting the IT infrastructure within your business increases the reliability and safety of the business. Threats to your business can come in forms such as viruses/malware, phishing attacks, password attacks, or a denial-of-service (DoS) attack, and new attacks are being created regularly. All of these will cause more than just a headache for your IT department and could end up costing your business time and money.
Phishing is one of the most common threats hitting organizations. A phishing scam is when an email is sent in an attempt to get a response in order to gain information; such as a username and password. Phishing works because email, like physical mail, is built to assume that the sender is whom they claim to be.
Typically, the scammers will attempt to create a great amount of fear or panic in a potential victim by saying things such as “an attempt to login to your email was made from some [insert random city] click this link below to reset your password”. When someone reads that tag line from an email and sees legitimate looking aspects to the email, such as a Google logo displayed on it, they are more likely to believe it without even checking the website address.
Phishing is common because it is easy to create these fake emails and it has continued to grow in recent years. According to Webroot, a company that specializes in end-point protection, over 1.5 million new phishing sites are created each month. Since a clear majority of phishing attempts come through email, anyone with an email account is a potential target for these attacks. Just because you have not been targeted yet does not mean you never will.
• According to Cybersecurity Ventures, a world leading research group in the global cyber economy, Ransomware damages are now predicted to cost the world $11.5 billion in 2019, and $20 billion in 2021.
• According to Intel, 97% of people around the world are unable to identify a sophisticated phishing email.
• According to Cisco, 31% of people click the phishing links. Cisco saw that 17% of users enter their credentials into the phishing site as well.
Again, these attacks happen because they work. Phishing is effective because of how easy it is to send out massive amounts of emails. Sending large amounts of emails significantly increases the odds of someone clicking the link and entering their information.
Want to learn more about phishing? Give us a call at 260.482.2844 and make sure you keep an eye out for more information as this is just part 1 of our 2-part blog posts on phishing. Part 2 will go more in-depth over the specific types of attacks that people are using and what steps you should take to protect your business.
Thank you for reading!
Starting in 2019 Applied Technology Group will be creating a blog. This blog’s main purpose will be to provide an informative resource on what is happening in the world of technology. If you are not familiar with us as a company we provide multiple services revolving around the tech space. We primarily do IT support, phone systems, and surveillance/security systems. We are conveniently located in Fort Wayne, Indiana on Coliseum blvd. just next to Metal X. Since 1996 we have been serving the Fort Wayne area with quality, reliability, and service in mind. Be on the lookout for our upcoming blogs that will be highlighting relatable tech topics!