535 Connecticut Ave. Suite 104
Norwalk, CT 06854
Empire State Building
350 Fifth Avenue, 59th fl.
New York City, NY 10118

Featured Article

January 23, 2017

Top Things To Know About Cybersecurity This Week

With so much happening in cybersecurity right now, keeping up with the news can be a bit overwhelming.

To make things easier, here’s a rundown of the top issues you need to be aware of:  

Politics: Right now all eyes are on President Trump, who is beginning his first full week in office. Today, cyberanalysts are waiting to see whether Trump will deliver on his day one promise to ask the Pentagon to develop “a comprehensive plan to protect America’s vital infrastructure from cyberattacks and all other forms of attacks.”

As The Hill pointed out, though, the question still remains about what the administration considers “vital infrastructure.” It’s also unclear about the roles that other departments will play in national cybersecurity moving forward, such as the Department of Homeland Security and the FBI.

In other news, Rudy Giuliani has been appointed as Trump’s cybersecurity advisor.

As for the case involving Russia’s supposed role in hacking the 2016 election, leave that one for the authorities to worry about. And remember that when it comes to protecting your business, you don’t have to focus your attention on where threats are coming from. Instead, assume that everyone is trying to hack your business at all times. Take a defensive position, and you will be better off than your competitors in fighting off attacks.

Ransomware: A recent study shows that ransomware — a type of malware that locks your digital assets and demands a large payment — increased by 6,000 percent last year. And over 70 percent of ransomware victims are now choosing to pay the ransom to have their data returned.

Unfortunately, there is little you can do to prevent hackers from targeting your business with ransomware. However, you can mitigate damage by always backing up your files. So if your business isn’t doing so already, make it a priority for IT this week.

You should also be wary of free online tools offering to decrypt ransomware for you. You could wind up making the problem worse if you try to manually remove ransomware yourself. It’s much more advisable to consult with a trusted security advisor for protection and removal.

Security updates: Last week, Oracle released a massive security update that contains 270 system fixes. Oracale is now urging its customers to patch their systems immediately, as there are over 100 flaws that can be remotely exploited by hackers. Oracle’s update impacts the following product families: Oracle Database Server, Oracle E-Business Suite, Oracle Enterprise Manager Grid Control, Oracle Industry Applications, Oracle Fusion Middleware, Oracle Sun Products, Oracle Java SE and Oracle MySQL.

Microsoft, meanwhile, had a quiet start to the year as its first Patch Tuesday update of 2017 was one of the smallest in the history of its program. On Jan. 10, Microsoft released four security bulletins that addressed vulnerabilities in Office 2016, Microsoft’s Local Security Authority Subsystem Service (LSASS) and the Edge browser.

The National Institute of Standards and Technology (NIST), meanwhile, has issued a draft of updated revisions for the Framework for Improving Infrastructure Cybersecurity. The Cybersecurity Framework was introduced in February 2014 following President Obama’s Executive Order 13636. It’s a voluntary framework that “focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management process.” Draft 1.1 contains feedback for the public and private sectors based on information that was collected over the last three years.  

Cyberattacks: Lloyds Banking Group announced that the company suffered a 48-hour denial of service (DOS) attack earlier this month. However, none of the organization’s 20 million accounts were hacked or compromised during the incident. IT security experts supposedly “geo-blocked” the attack, which involved limiting Internet access based on geographical location. This caused the cybercriminals to drop the attack, and move onto another server.

Lloyds, it should be noted, was very lucky. It’s a great reminder, though, that cybercrime is still on the uptick —especially in the U.K., where fraud and cybercrime were recently named the country’s most common offenses. Of course, the same problem exists here in the U.S. In 2016, U.S. data breaches reached an all-time high.

Other: In the mood for a mystery? Here’s one for you: Researchers have discovered an army of at least 350,00 unmanned Twitter “bots.” And this figure may be infinitely higher.

The botnet has been in existence since 2013, but has been lying dormant since then. As of right now, it’s unclear as to why the botnet was created and what it could be used for. It’s possible that it could be money for its botmaster. However, it’s also possible that a larger, more sinister, plot is in the works involving these fake Twitter accounts.

A new breed of hacktrepeneurs has awoken and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York CityWhite Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.

In addition, our new Cybersecurity Compliance Certification for law firms will help keep your legal practice from becoming the next Panama Papers victim. This baseline cybersecurity audit for the legal industry should be considered seriously by all law firms.







Related Articles