Almost 22% of Canadian internet users avoid going online in public places and 60% of Canadians prefer their mobile internet for online activities in public, according to a survey conducted by NordVPN. Canadians use public Wi-Fi more frequently and less mobile internet than any other country that participated in the survey. Cybersecurity experts say that these measures help to mitigate cyberthreats, but issues raised by using public Wi-Fi can also be managed by other means.

Cyberthreat of Shopping Malls

In the new survey, most Canadian internet users mentioned shopping malls (57%), public event venues (51%), and cafeterias, bars, or restaurants (49%) among the places where devices are exposed to cybersecurity threats the most. Home (18%) and workplace (16%) are mentioned as the safest places from cybersecurity threats.

“Internet users should evaluate cybersecurity risks in every location because the scope of threats varies depending on a place. While universities or offices tend to put more effort into cybersecurity, it might not be the case with cafeterias and shopping malls,” says Marijus Briedis, CTO at NordVPN.

Canadians Trust in Themselves More Than in Technology

The survey reveals that Canadians tend to rely more on their behavior online to protect themselves from cybersecurity threats in public places rather than technology. 46% of respondents claim that they avoid entering or accessing sensitive information when they are connected to public Wi-Fi. At the same time, 40% of respondents go only to safe websites, and 37% verify if the public Wi-Fi is legitimate before joining.

Regarding the usage of cybersecurity and privacy tools, the numbers are more modest. Only 19% of Canadians use a VPN service, and 36% choose antivirus software. While a VPN is a more popular solution among younger generations, older generations tend to trust antivirus software. 

“Cybersecurity literacy is important, and it is great that internet users avoid entering or accessing sensitive information, like banking accounts, clicking on pop-ups, or going to suspicious websites. But a human mistake is an important factor in cybersecurity and even experts do them, so technological solutions should complement human efforts to minimize risks,” says Briedis. 

Americans Are More Eager to Use Internet in Public

In comparison, only around 16% of Americans do not use the internet in public at all. Americans use mobile internet more frequently and less public Wi-Fi than Canadians. Up to 39% of internet users in the United States use public Wi-Fi, and 70% use mobile internet.

In addition, Americans demonstrate slightly better use of cybersecurity and privacy software to protect their devices from cybersecurity threats: 27% of respondents said they use a VPN, and 33% use antivirus software.

How to Stay Secure on Public Wi-Fi?

There are several simple precautions to stay secure on public Wi-Fi. Marijus Briedis, cybersecurity expert and CTO at NordVPN, advises taking these actions:

• Use a reliable antivirus. Users should choose an antivirus with advanced protection against malware, spyware, and viruses. An antivirus program will detect and neutralize malicious threats before they do any harm. For example, NordVPN’s Threat Protection feature neutralizes cyber threats, like malware-ridden files or malicious websites, before they can damage your device.

• Enable a firewall. A firewall protects the system by monitoring the network traffic and blocking suspicious connections. Users should have security settings and ensure the computer’s inbuilt firewall is running.

• Stay secure on public Wi-Fi using a VPN. Public Wi-Fi networks are highly vulnerable to hacking. Cybercriminals often target people at free hotspots and try to slip malware into their devices. Users should always use a VPN to secure their Wi-Fi connection and protect themselves from unwanted snoopers.

The post Every Fifth Canadian Avoids Using the Internet in Public appeared first on SiteProNews.

Cybersecurity and privacy researchers at NordVPN analyzed the most popular mobile apps globally in 18 categories. Up to 14% of apps collect more unnecessary than necessary data for the apps’ performance and only 8% of apps collect no unnecessary data. On average, every fifth requested permission was not needed for the app’s functionality.

“A significant number of mobile apps that we use daily request access to device functions unrelated to their performance. And most users give the app license to spy without even reading the terms and conditions. Users should always consider whether the app needs certain data to do its job before tapping ‘Accept,’ because collected data could be used against our interest. It’s especially important to be more attentive to some categories of apps which are more intrusive, such as social media or messaging apps,” says Adrianus Warmenhoven, cybersecurity advisor at NordVPN.

The research revealed that 42% of all apps ask for permissions related to user activities outside the actual app, which means that they aim to collect data about users across other applications and websites. In addition, 37% of the studied apps request access to the user’s location, 35% to the camera, 22% to the photo gallery, and 16% to the microphone.

Social Media and Messaging Apps Raise the Most Concerns

Social networking, messaging, navigation, and dating apps require the most significant number of permissions compared to other categories. They are also in the lead by their requesting of unnecessary permissions. On average, social networking apps request ten unnecessary permissions, navigation apps ask for nine permissions, dating – six, and messaging – five.

Android users can be the least worried about gaming apps. They only request 10 permissions and ask for less than one unnecessary permission on average. While food and drink apps on iOS ask for less than three permissions on average, in terms of unnecessary permissions, productivity apps are in the lead because they almost do not collect unnecessary data.

The East Asia Region Is a Red Zone on the Privacy Map

While category is a stronger predictor of how many permissions and data apps ask for, there is also a geographical effect. On average, apps from East Asia ask for the biggest amount of permissions overall as well as unnecessary permissions — Hong Kong and Taiwan dominate both the Android and iOS charts. At the same time, Android apps from Japan and Singapore also make a strong showing.

“This likely stems from two aspects. On the one hand, different regions have different regulatory environments. But at the same time, these numbers are influenced by the nature of the popular apps studied. East Asian countries are worse in terms of permissions because of the blend of the wide use of social media tools as well as manga and other media apps,” says Warmenhoven.

On the flip side, apps from Mexico made the lowest number of unnecessary permission requests and even the lowest number of permission requests overall for Android. For iOS, apps from Spain and the US made the least overall requests, while apps from Spain, the US, Italy, and Poland made the least number of unnecessary requests.

How to Protect Your Privacy on Apps

To protect your privacy on apps, Adrianus Warmenhoven offers these preventive measures:

• Download from official stores. Unofficial app stores won’t always have systems to check whether an app is safe before it’s published and available to download. Moreover, getting an app from an unofficial source carries the risk of it being modified by criminals.

• Read the app’s privacy policy before downloading. Check what information the app will track and what it will share with third parties. If you’re not happy with the level of privacy, look for an alternative.

• Get to know your data permissions. When you download an app, you’ll be asked to give various permissions to access your data. Make sure they make sense to you. If you already have an app, review all the permissions and turn off the ones you don’t want or need, and consider deleting the apps that ask for many permissions (especially if they’re not needed for the app’s functionality). You should pay particular attention to permissions like camera, microphone, storage, location, and contact list.

• Limit location permissions. Many apps request access to your phone’s location services, so ensure you know which apps you’ve granted access to. It’s best to allow apps to track your location only when using the app, rather than all the time.

• Don’t automatically sign in with social network accounts. If you’re logging in to an app with your social media account, the app can collect information from the account and vice versa.

• Delete apps you don’t use. If an app is sitting unused on your screen and you’re not getting anything from it, delete it. Chances are it’s still collecting data on you even if you’re not using it.

The post Up to 74% of Apps Collect More Information About You than They Should appeared first on SiteProNews.

The Expanding Third-Party Ecosystem

Before we dive into the intricacies of third-party risk management, let’s first understand the scope of the issue. Over the past few decades, businesses have increasingly relied on third-party relationships. These relationships can encompass various activities, including outsourcing, procurement, and collaborative partnerships.

For example, a retail giant may rely on third-party logistics providers to handle its supply chain operations. A software company might partner with a third-party development team to accelerate product development. Even seemingly non-technical aspects, like office cleaning or catering services, can involve third-party vendors. All these relationships create a vast and complex third-party ecosystem.

The Importance of Managed Third-Party Risk

As businesses expand their networks of third-party relationships, they also expand their exposure to various risks. These risks can come in multiple forms: financial, operational, compliance, reputational, and even legal. Managed third-party risk becomes a critical component of overall risk management strategies.

Financial Risk

Third-party vendors’ financial health and stability can significantly impact your business. A vendor’s financial troubles can disrupt your supply chain, lead to project delays, or even result in contract disputes. According to a 2022 report by the Global Risk Institute, 43% of businesses surveyed experienced disruptions in their supply chain due to financial problems with third-party vendors in the past year. By managing third-party financial risk, you can identify potential issues before they escalate.

Operational Risk

Third-party partners play a vital role in your day-to-day operations. Any operational issues on their end can ripple through your organization. A logistics provider’s failure to deliver goods on time or a technology vendor’s system outage can disrupt your business. Effective risk management helps you anticipate and mitigate these operational disruptions.

Compliance Risk

Regulations and compliance requirements are continually evolving. When you engage with third parties, you share compliance responsibilities. Failure to ensure that your vendors adhere to relevant regulations can result in penalties and damage your reputation. Managed third-party risk includes compliance monitoring to reduce these risks.

Reputational Risk

The reputation of your business is a valuable asset. Any unethical or irresponsible behavior by a third-party vendor can tarnish your image. You can protect your brand’s reputation by carefully selecting and monitoring your partners.

Legal Risk

Contracts and legal agreements are essential components of third-party relationships. Inadequate contract management can expose your business to legal disputes and liabilities. Managed third-party risk includes robust contract management to mitigate legal risks.

The Process of Third-Party Risk Management

Effectively managed third-party risk program involves a systematic approach:

Identification

Begin by identifying all third-party relationships within your organization. This involves cataloging vendors, suppliers, contractors, and any other external entities you engage with.

Assessment

Evaluate the risks associated with each third-party relationship. This assessment should include financial health checks, compliance reviews, and operational risk assessments.

Risk Mitigation

Develop strategies to mitigate identified risks. This may involve renegotiating contracts, diversifying vendors, or setting up contingency plans.

Monitoring

Continuously monitor your third-party relationships to ensure ongoing compliance and performance. This includes regular audits and performance reviews.

Response and Recovery

Have a plan for responding to and recovering from third-party-related incidents. This might involve invoking contingency plans, legal action, or sourcing alternative vendors.

Documentation

Maintain thorough records of all third-party relationships, assessments, and risk mitigation efforts. This documentation is crucial for compliance and future reference.

The Benefits of Effective Third-Party Risk Management

Implementing a robust third-party risk management program offers several advantages to your business:

Risk Reduction

By proactively identifying and mitigating risks, you reduce the likelihood of disruptions to your operations and financial stability.

Cost Savings

Efficient risk management can lead to cost savings in the long run. For instance, renegotiating contracts with better terms or diversifying vendors can lower costs.

Reputation Protection

Protecting your reputation is invaluable. Effective risk management helps maintain your brand’s integrity in the eyes of customers and stakeholders.

Legal Compliance

Meeting legal and regulatory requirements is essential for avoiding costly penalties and legal disputes.

Competitive Advantage

Demonstrating third-party solid risk management practices can give your business a competitive edge. Many customers and partners prefer working with organizations that take risk seriously.

Resilience

A well-managed third-party ecosystem enhances your business’s ability to weather unforeseen challenges, such as economic downturns or global crises.

Conclusion

As businesses expand their third-party relationships, the importance of managed third-party risk cannot be overstated. Beyond cybersecurity concerns, companies must proactively identify, assess, and mitigate the myriad risks associated with their third-party partners. Organizations can protect their financial stability, reputation, and overall operational integrity by adopting a comprehensive third-party risk management approach. In today’s complex business landscape, it’s not enough to secure your fortress; you must also fortify the walls of your extended ecosystem.

The post Beyond Cybersecurity: Exploring Third-party Risk in Business Operations appeared first on SiteProNews.

“IT and cybersecurity budgeting are two different segments of financing. IT covers overall technology investments, including hardware, software, personnel, and cybersecurity. Because cybersecurity is just a fraction of the grand scheme, it explains why budgets can be tight and sometimes even non-existent,” says Carlos Salas, a cybersecurity expert at NordLayer. 

Additionally, the same research shows that the most prominent cyber attacks in Canada from the last year were phishing (42%), malware (33%), and data breaches (27%). As a result, financial damages vary from losses of up to 5,000 CAD for 45% of companies to over 10,000 CAD for 12% of surveyed Canadian companies. Numbers could be even higher because as much as 15% of companies could not disclose how much they lost due to cyber incidents.

What Cybersecurity Solutions Are Currently In Use Among Canadian Companies?

Research reveals that Canadian companies combine different measures to achieve security. More than 7 out of 10 companies utilize antivirus software (72%). Secure passwords (66%) and file encryption (65%) are the second-highest priority when creating security policies within organizations at the moment. 

Business virtual private networks (VPNs) maintain their popularity in securing organization network connections, with over half (65%) of companies using them. Cyber insurance (43%) is a relatively new solution making its way to business cybersecurity, although its focus is on covering the consequences of an incident rather than preventing it.

A Quarter of Canadian Companies Plan to Allocate up to 24% of Their Organizational Budget for IT Needs in 2023

Spending on cybersecurity solutions, services, and applications will remain a priority (55%) in the 2023 budget. Besides cybersecurity training for employees (51%), Canadian companies will devote slightly less budget to hiring dedicated staff for cybersecurity questions (43%) and external cybersecurity audits (38%).

The research shows that 39% of surveyed companies plan to allocate up to 24% of their organizational budget for IT needs in 2023, and another 37% of respondents plan to invest up to 49% of their budget. Only 4% of companies said they don’t plan to invest in cybersecurity in 2023, out of which the majority are small companies.  

“Business budgeting tendencies show that cybersecurity investments receive only a small part of the allocated IT budget. Cybersecurity funds must be distributed wisely to ensure valuable outcomes, prove the chosen security direction effective, and minimize resources’ waste,“ says Salas.

What Cyberattacks Are Experienced in Small, Medium, and Large Companies?

NordLayer surveyed organizations of various sizes, revealing some similarities and differences between cyberattacks and company size. Speaking of similarities among all sizes, phishing (39%) is the overall most prominent, followed by malware (34%).

Small businesses are more likely to experience identity theft (12%) or data breaches (11%) than insider threats (2%) or social engineering attacks (5%). Also, small businesses experience the lowest number of cyberattacks — 42% of respondents did not face them.

Medium enterprises tend to suffer from malware (43%), social engineering (30%), and insider threats (29%). Compared with the other two categories, medium-sized businesses were exposed most to data breaches (34%) and DDos/DoS attacks (27%).

Large companies experienced the most cyberattacks — as much as 92%. Organizations of such size experience malware (43%) slightly more often than phishing (42%). They experience the same amount of data breaches and identity theft (27%) attacks, while ransomware is the least expected (19%).  

Companies Should Allocate a Budget for Cybersecurity 

The mantra “cybersecurity keeps evolving — so do cyber threats” remains relevant today, emphasizing the need for strengthening business protection measures. Choosing comprehensive cybersecurity tools and solutions helps to achieve the flexibility needed to adapt to dynamic technological and risk change. A sufficient budget is key. 

Salas also shares his tips on securing organizations: “No business is too small to experience a cyberattack. My recommendation for organizations of all sizes is to have a strong cybersecurity strategy. It should have the mindset that every employee is responsible for cybersecurity, not only the IT department. Speaking of concrete tools within the strategy, the company should have cyber mitigation and remediation solutions as well as backup plans for threat scenarios. Also, invest in employee training and dedicated staff for cybersecurity matters.”

Methodology: NordLayer surveyed 500 companies in three countries: the United States, the United Kingdom, and Canada. The external agency SAGO conducted the surveys between March 15 and 25, 2023. Respondents were asked a set of questions about cyber incident costs and allocated budgeting for IT and security in the period of 2022-2023. The samples were taken from non-governmental organizations operating in the services industry, and the target respondents were decision-makers (sole or partial) for IT-related acquisitions. Companies were divided into three main groups regarding size: 1 – 10 employees (small), 11-200 employees (medium), 201+ employees (large). 

The post Purchase of Cybersecurity Solutions Is the Most Popular IT Investment Among Canadian Companies this Year appeared first on SiteProNews.

Two out of three people are worried about criminals tracking them online, according to research by NordVPN. This fear is not irrational — in fact, one of the most common cybersecurity crimes is camera hacking. Criminals can secretly spy on users, record videos of them, and then blackmail the victim by threatening to release the footage publicly. Moreover, unwanted fame is not the only negative effect that “camfecting” can have.

“A camfecting attack is not hard to perform. To hijack your device camera, hackers need to slip remote-control malware into your laptop or smartphone. A cybersecurity attack can be performed by sending infected emails, luring in users into malicious sites, or infecting torrent downloads, or downloads from unauthorized sites. Luckily, it’s easy to spot the warning signs or enhance your computer or smartphone camera security,” says Adrianus Warmenhoven, a cybersecurity expert at NordVPN.

What Are the Signs of Camfecting?

Many signs can give away a hacked camera. For example, if your camera’s indicator light is on or blinking even though you haven’t turned the camera on, it might be a sign that it has been camfecting. Nevertheless, it might not always be the case: an abnormally acting camera light could result from an application running in the background.

There are other signs of potential camfecting, such as faster battery draining, random apps installed without user’s knowledge, device freezing and crashing. It is also advisable to install or run a malware-detecting software, such as Threat Protection or antivirus. If a user notices any of these signs, experts advise to speak to IT professionals.

How to Protect the Device from Camfecting?

“Putting a piece of tape or a camcover over your device’s camera is perhaps the easiest and most reliable way to prevent someone from watching you through your computer camera and improve your home security. However, by putting this physical blocker in place you simply restrict the attacker’s view, but don’t solve the actual issue. Keep in mind that the same malware that allows cybercriminals to access your camera, also can provide access to your personal files, messages, and browsing history,” says Warmenhoven.

To protect yourself from malware, Adrianus Warmenhoven recommends to take the following steps:

• Enable firewall. A firewall protects the system by monitoring the network traffic and blocking suspicious connections. Users should have security settings and ensure the computer’s inbuilt firewall is running.

• Use a reliable antivirus. Users should choose an antivirus with advanced protection against malware, spyware, and viruses. An antivirus program will detect and neutralize malicious threats before they do any harm. For example, NordVPN’s Threat Protection feature neutralizes cyber threats, like malware-ridden files or malicious websites, before they can damage your device.

• Don’t fall into a phishing trap. Hackers may disguise themselves as support agents and contact users, saying there’s an issue with the device or software and they have to take care of it. It’s a common phishing technique cybercriminals use to slip remote-access software onto a device. Such software then allows them to access your camera and manage its permissions.Another way to lure victims into downloading malware is through phishing emails that hide spoofed URLs and malicious files.

• Stay secure on public Wi-Fi using VPN. Public Wi-Fi networks are highly vulnerable to hacking. Cybercriminals often target people at free hotspots and try to slip malware into their devices. Users should always use a VPN to secure their Wi-Fi connection and protect themselves from unwanted snoopers.

The post Your Camera Might Be Secretly Filming You – How to Stop That? appeared first on SiteProNews.

Half of Americans (53%) say they have seen an ad for a product or service pop up on their phones soon after talking about it or watching it on TV, new research by cybersecurity company NordVPN reveals.

Two in four (50%) consumers admit they have no idea how to prevent this from happening and one in ten (10%) who noticed the adverts said it scared them.

Rather than devices reading your mind, this personalised product placement is due to a type of data monitoring called ultrasonic cross-device tracking. This is where apps on your smartphone listen in to background noise — including conversations — to gather more information about you.

“Later, they share this data across other devices,” says Adrianus Warmenhoven, a cybersecurity advisor at NordVPN.

Smartphones were by far the most common place to find these tailored ads. Four in five (77%) Americans who recognised the phenomenon first spotted it on their handset, with half (52%) seeing it on their computer and a fourth (39%) on their tablet.

Information showing people’s behaviour across devices is extremely valuable to companies, but this type of tracking is controversial because of its lack of transparency and security concerns around consumers’ data.

A key part of cross-device tracking is the use of audio beacons, which are embedded into ultrasound — frequencies above the level that can be heard by humans — and can connect with the microphone on our devices without us knowing. This is one reason many apps ask for permission to access your smartphone’s microphone, even if they don’t involve using your voice.

“While it’s impossible to stop the ultrasonic beacons working, you can reduce the chance of your smartphone listening for them by simply restricting unnecessary permissions you have granted to the apps on your device,” says Warmenhoven.

Ultrasonic Cross-device Tracking — How Does It Work?

Ultrasonic cross-device tracking is used as a method to link all the devices you own to track your behavior and location. These ultrasonic audio beacons can be embedded in many things we interact with daily: TV shows, online videos or websites, or apps on our phones.

Imagine you are watching TV and you see chocolate being advertised. You pick up your phone, and the same chocolate ad appears on your screen. By using ultrasounds, audio beacons can detect when your phone is nearby, and apps on your phone can listen for approximate audio beacons to track what you are doing.

How Can You Reduce Cross-device Tracking?

NordVPN cybersecurity advisor Adrianus Warmenhoven has some top tips to keep snooping devices at bay:

• Change app permissions. The apps on your smartphone may have some permissions that are not required. For instance, why would a photo-editing app need access to your microphone? If apps on your phone have such non-required permissions, you should revoke these permissions. Apple now requires apps to ask your permission before tracking you or your iPhone across websites or apps owned by other companies, and you can turn this off for all apps. All changes to app permissions can usually be done in the privacy settings on your device.
• Use a private browser. If you want to keep yourself from tracking, it is best to use a private browser like Tor or DuckDuckGo rather than the incognito mode in Google Chrome. These browsers do not profile you or save any of your personal data for sharing with marketers.
• Use a VPN. One of the best ways to protect yourself from being tracked is by using a VPN. A VPN is a tool that encrypts every bit of information about your internet activity. It also stops IP-based tracking because it masks your IP address.

The post Yes, Your Phone is Eavesdropping on You – and Most Americans Don’t Know How to Stop It appeared first on SiteProNews.

Carlos Salas, an engineering manager at NordLayer, shares 10 social engineering techniques that hackers may use to target both individuals and organizations. According to Salas, “Social engineering is one of the easiest ways to get access to sensitive data, especially when employees haven’t been trained on how to recognize and combat it. Because every member of the organization is a potential target, with interactive and informative training, such attacks can be stopped.” Below, he shares his expertise on how to avoid any potential loss and examples of such attacks.

1. Baiting

Baiting attacks use a false promise to rouse a victim’s greed or curiosity. Social engineers use bait to lure users into a trap that steals their personal information or infects their systems with malware. For example, infected USB memory sticks are left in parking lots or offices, tempting people to see what’s on them. Don’t ever try to check what is inside the unattended USB devices, and make sure to report it to the security team if you see them lying around.

2. Pretexting

An attacker uses a made-up scenario (a pretext) to provoke an employee to disclose sensitive information, for example, login details to IT systems or personal information about other employees. It often requires researching the target prior to the attack to make the scenario plausible and to gain the trust of the victim. If that happens, the most important thing is to verify the identity, avoid sharing personal details and report the incident to the IT team.

3. Watering Hole

In a watering-hole attack, the attacker infects an existing website or creates a fake website that mimics an existing website often used by a certain group of people, for example, employees of a company. The goal is to infect a targeted user’s computer and gain access, for instance, to the network at the target’s workplace. To protect yourself, only access websites that have HTTPS in the URL code, update your software, and use malware-detection tools.

4. Quid Pro Quo

Quid pro quo attacks rely on people’s sense of reciprocity. Attackers offer services, assistance, or other benefits in exchange for information. For example, someone pretending to be an IT expert might ask for your device’s login credentials in order to make that device run faster. In order to prevent information loss, verify the identity of IT technician, question methods and tools, and use anti-malware software.

5. Scareware

Scareware is a form of malicious software, usually a pop-up that warns that your security software is out of date or that malicious software has been detected on your machine. It fools victims into visiting malicious websites or buying worthless antivirus software. Use an ad-blocker and reputable antivirus and avoid clicking on pop-ups.

6. Tailgating and Piggybacking

Tailgating and piggybacking involve an attacker accessing a secure or restricted area. For instance, a person might tailgate an employee into the office, claiming to have lost their access card, pretending to be a repair technician, or holding coffee cups in both of their hands and asking for your help with the door.

7. Vishing

Vishing, also known as “voice phishing,” is a practice of eliciting information or attempting to influence someone via the telephone. In 2021 alone, TrueCaller reports that Americans lost $29,800,000 to phone scams. Avoid responding to emails or social media messages that ask for your phone number. Remember that your colleagues will never call you at home asking you to transfer funds or any other sensitive information.

8. Shoulder Surfing

Shoulder surfing is the bad actor watching their unsuspecting victim while they’re entering passwords and other sensitive information. But this technique doesn’t have to be used at close range, literally looking over their shoulder. It could be employed by the hacker from a distance if they use binoculars or hidden cameras, for example. In order to eliminate the risk of being snooped on this way, make sure to use strong, single sign-on passwords, biometrics, and 2-factor authentication.

9. Dumpster Diving

Dumpster diving is when attackers go through your company’s trash looking for documents containing sensitive or confidential information. Always use a file shredder to prevent information leakage.

10. Deep Fakes

Deepfakes (“deep learning” + “fake”) are synthetic media in which a person in an existing image, audio, or video is replaced with someone else’s likeness. It is possible to detect deep fakes. Make sure to check for shadows appearing on the face, notice if eyes are blinking and try to detect wrinkles. Beware of poor-quality phone call recordings and pay attention to how letters like f, s, v, and z are pronounced — software has trouble differentiating them from noise.

The post 10 Intricate Social Engineering Techniques that Can Harm Anyone and Ways to Prevent Them from Happening appeared first on SiteProNews.

“The online world is challenging people in every single move they make. Want to read an article? Dozens of ads and pop-ups are ready to immediately cover your screen. Another privacy threat – malware – is lurking for you on websites and in files you are about to download. Websites you browse are also full of third-party trackers that analyze your browsing history to find out what you do online. It depends on you to stop it,” says Adrianus Warmenhoven, a cybersecurity advisor at NordVPN.

Adult Content Sites contain the Biggest Amount of Malware

Malware is malicious software that seeks to damage or compromise a device or data. Malware’s scope varies from relatively harmless to extremely dangerous. Malicious software can track people’s data, steal sensitive information, or even delete it without your consent.

NordVPN research shows that adult content sites (21%), as well as cloud storage providers (14%) and entertainment sites (11%), contain the biggest amount of malware. In December, Threat Protection blocked 60.4K, 40.1K, and 30.9K domains of these categories respectively.

Among the most common types of malware are viruses, spyware, worms, trojans, adware, scareware, ransomware, and fireless malware.

Streaming Media Sites have the Most Intrusive Ads

Intrusive advertising refers to pushing invasive and irrelevant ads in front of consumers. They irritate users by popping up unexpectedly, blocking the host page, opening new pages and windows, or playing video and audio at inopportune times.

As for intrusive ads, the majority of them were found on streaming (23%), adult content (16%), and online shopping (9%) sites. Threat Protection detected and blocked millions of them: 552M, 389M, and 226M respectively.

“Today, ad blockers are essential for both security because they block ads that can infect people’s devices and privacy because annoying ads rely on collecting data from web activity and violating people’s privacy. Also, if a website is loading slower than usual, you can blame intrusive ads. Free apps filled with unwanted ads could also drain your device’s battery faster,” explains Adrianus Warmenhoven.

Video Hosting Sites have the Biggest Number of Trackers

While many trackers are a tool for advertising and improving user experience, they may also become handy for online spies. Internet service providers (ISPs), marketing agencies, social media companies, and governments can access your online actions and breach your privacy.

NordVPN’s Threat Protection showed that video hosting sites (22%), cloud storage providers (16.31%), web email (16.25%), and information technology sites (12%) have the most trackers. Video hosting sites alone had 239 billion trackers blocked by Threat Protection in December 2022.

It’s worth adding that earlier NordVPN research showed that the average number of trackers per website is highest in Hong Kong (45.4 trackers), Singapore (33.5), the United States (23.1), and Australia (18.6).

“You can become less trackable online by declining third party cookies, because the website can sell your browsing data to third parties; using a VPN, which will hide your real IP address and location; installing a tracker blocker, which will stop your browsers from collecting information about you; and using privacy browsers, which can obfuscate your browser fingerprint, or ditching Google, which tracks a lot of data about you,” says Adrianus Warmenhoven.

Threat Protection scans your files before you download them, identifies threats, and blocks them before they can harm your device. The feature is free with every NordVPN subscription – and it allows you to go online without leaving a trace, protecting your privacy and improving your digital security.

The post Adult Content, Streaming, and Video Hosting Sites have the Most Security Threats appeared first on SiteProNews.

At least five million people have had their online identities stolen and sold on bot markets for 8 CAD on average. Out of all the affected people, 16 thousand are from Canada.

This data comes from research by the cybersecurity company NordVPN, which looked into three major bot markets. The word “bot” in this situation does not mean an autonomous program – in this case, it refers to data-harvesting malware. Bot markets are online marketplaces hackers use to sell data they have stolen l from their victims’ devices with bot malware. The data is sold in packets, which include logins, cookies, digital fingerprints, and other information — the full digital identity of a compromised person.

“What makes bot markets different from other dark web markets is that they are able to get large amounts of data about one person in one place. And after the bot is sold, they guarantee the buyer that the victim’s information will be updated as long as their device is infected by the bot,” says Marijus Briedis, CTO at NordVPN. “A simple password is no longer worth money to criminals, when they can buy logins, cookies, and digital fingerprints in one click for just eight Canadian dollars.”

Researchers analyzed three major bot markets: the Genesis Market, the Russian Market, and 2Easy. All of the markets were active and accessible on the surface web at the time of analysis. The data on bot markets was compiled in partnership with independent third-party researchers specializing in cybersecurity incident research.

The most popular types of malware that steal data are RedLine, Vidar, Racoon, Taurus, and AZORult.

What Information Do Hackers Sell on Bot Markets?

• Screenshots of a device. During a malicious attack, a virus might take a snapshot of the user’s screen. It can even take a picture with the user’s webcam.
  
  
• Logins and other credentials. When a virus attacks the user’s device, it may grab logins saved to their browser. The research found 26.6 million stolen logins on the analyzed markets. Among them were 720 thousand Google logins, 654 thousand Microsoft logins, and 647 thousand Facebook logins.
  
  
• Cookies. These are also usually stolen from a user’s browser and help criminals bypass two-factor authentication.The research found 667 million stolen cookies on the analyzed markets.

• Digital fingerprints. A person’s digital fingerprint includes screen resolution, device information, default language, browser preferences, and other information that makes the user unique. Many online platforms track their users’ digital fingerprints to make sure they properly authenticate them. During the research, 81 thousand stolen digital fingerprints were found on the analyzed markets.
  
• Autofill forms. Many people use the autofill function for their names and emails as well as for their payment cards and addresses. All of these details can be stolen by malware. During the research, 538 thousand autofill forms were found on the analyzed market.

You can learn more about how bot markets work by watching this video: https://youtu.be/dAyl1xBgTUg

A Perfect Crime Using Bots

The scariest thing about bot markets is that they make it easy for hackers to exploit the victim’s data. Even a rookie cybercriminal can connect to someone’s Facebook account if they have cookies and digital fingerprints in place, which help them bypass multi-factor authentication.

After logging in to a user’s account, a cybercriminal can try contacting people on a victim’s friends list and send malicious links or ask for a money transfer. They can also post fake information on the victim’s social media feed.

Information stolen from autofill forms or just by taking a device screenshot can help these actions look more believable and trustworthy. And you will have no way to detect who used your data.

“Some tactics are even simpler. A hacker can, for example, take control of a victim’s Steam account by changing the password. Steam accounts are sold for up to $6,000 per account and can be easy money for a criminal,” says Marijus Briedis.

More sophisticated criminals buy this information and target businesses with phishing attacks, trying to impersonate the company’s employees.

“To protect yourself, use an antivirus at all times. Other measures that could help – a password manager and file encryptions tools to make sure that even if a criminal infects your device, there is very little for them to steal,” adds Marijus Briedis.

The methodology, together with more information about the three analyzed markets, can be found here: https://nordvpn.com/research-lab/bot-markets/

The post Thousands of Canadians Have Their Data Sold on Bot Markets appeared first on SiteProNews.

This is why establishing a cybersecurity budget is essential for any business and a crucial job for IT leaders is to work out how to spend that budget in a way that best serves the business and offers it sufficient protection. Getting this task right can be challenging, especially with threats evolving daily, but the best approach is first establishing where your unique risks lie as an organisation and focusing your budget here.

So how do you assess this risk and quantify it?

To understand your risk areas, you’ll want a comprehensive overview of your current situation – what data is there, where is it located and who has access to it? Classifying data into groups and identifying how sensitive it is will ensure your budget goes towards protecting the biggest sources of vulnerability. For more quantitative data, you can work out the probability of an attack and what the business losses would be as a result of it. Financial losses can occur due to operational downtime, loss in sales, repairing reputational damage or even legal and regulatory fines. Once you’ve established what the business impact would be for each bit of data if compromised, you’ll have a clearer idea of how to apply your budget. This quantitative data can also be very helpful when looking to secure your cybersecurity budget from the C-Suite and other stakeholders in the first place, as you can demonstrate what level of investment would be optimal for the company.

Your organisation’s risk exposure will largely guide the way with your budget spend, but it’s important to also have an understanding of the general threat landscape as there are usually common trends and threats on the rise at any given time. For example, 2021 saw a massive 105% surge in ransomware attacks, so a focus on malware protection would have been logical when distributing your security spend. CISOs and IT leaders can also look to industry frameworks like NIST, Cyber Essentials or ISO, which provide clear models for good cybersecurity and allow businesses to identify their gaps and weaknesses. This can be an effective place to start for businesses needing firmer security foundations and a bit more direction as they shape their priorities.

There are arguably key aspects of security that there will always be a need for as evidence continually points to these being critical areas of vulnerability for companies, and as such they should be included in every budget. Unpatched devices are regularly exploited by hackers, so investing in a good patch management solution is likely a wise spending decision. Similarly, with human error still the number one cause for cyber attacks, security awareness training is another sensible investment for businesses. If employees can identify key threats and understand security best practices, the risk that they will unwittingly facilitate a cyber incident can be largely reduced.

Of course, not everything has to cost money. Building this culture of cybersecurity awareness in the workplace can be as simple as encouraging your workforce to report suspicious activity, be wary of phishing links and, wherever possible, confirm any big payments to avoid fraud – all this can reduce a lot of risk and potential damage for your business. With credential leaks often a big part to play in cyber breaches, good password health is also crucial and doesn’t need to cost a lot. Creating a password policy to guide employees, enabling multi factor authentication on devices and applications and using a password manager (there are many free options available) are all things that can benefit your security strategy.

There is no perfect solution for spending your budget effectively but being smart with your approach and considering all angles with key business goals in mind will set you on the right course. A thorough risk assessment and identification of all your company assets can give you the bird’s eye view you need to help determine your priorities, but keeping an eye on current trends and threats should also inform your spending decisions. As your business and the threat landscape changes, regular monitoring and reevaluation will be necessary so you are always spending in line with business requirements, and of course if you are the unfortunate victim of an attack, it can be treated as a learning opportunity. Reflecting on causes and investing in solutions to address them so an attack doesn’t happen again is at least one positive outcome of any incident.

The post How to Spend Your Security Budget Effectively appeared first on SiteProNews.

However, knowledge is power, and knowing what you’re up against can enable you to take the appropriate steps to protect your company. This has become especially crucial in a time where eCommerce and digital marketing have become a staple in doing business of all kinds.

This post will talk about the most common security vulnerabilities, so you’ll recognize red flags to avoid or spot them before they cause any damage.

1. Phishing

Phishing scams are the most dangerous and widespread threat to small company websites. 90 percent of all security breaches that organizations face are caused by phishing. Not to mention, it affects even vulnerable individuals that have no huge businesses.

Phishing attacks have existed since the internet’s inception. They occur when a hacker poses as a trustworthy contact and entices victims to provide personal information. Remember when someone sent emails about an inheritance they wanted to share with you?

However, these days phishing is becoming harder to spot. Some scammers will try to replicate official emails and layouts from banks, social media, and Amazon accounts.

The best approach to prevent these attacks is to train your personnel to be on the lookout for them. Some of these emails might try to pretend they’re your company’s bank, a member of the board, or a hosting site where you run your website.

2. Malware

Malware is a harmful program that is designed to harm and infect a computer system. The malware carries a wide range of website security hazards, from adware to infections.

A web server infected with malware might be exposed to information theft, privacy attacks, and website hijacking. Make sure you avoid shady emails, suspicious ads, and malware-flagged websites.

3. Ransomware

Cyberattacks, including ransomware, are also common security vulnerabilities. In a ransomware attack, the software prevents you from accessing sensitive data unless you pay the hackers money. These hacks happen on a daily basis to a wide range of businesses.

You may, however, prevent attacks by keeping your systems up to date and employing high-quality site security software. Also, backup your company data and use caution while opening new files on a computer. Before you may open a file, your anti-virus software must validate its contents.

4. Vulnerabilities in Passwords

Many hackers can crack passwords or use programs to attempt different combinations until they gain access to your devices and websites. They also employ keylogging to gain access to user accounts in other circumstances.

A computer user’s keystrokes are logged using keylogging software. It then sends a message to the cybercriminals who installed the dangerous program. To protect your website against this, take the following steps:

• Creating a strong and unique password
• Require users to reset their passwords on a regular basis
• Verifying user access with two-factor authentication
• Never use your login or personal information as a password

Hackers might swiftly gain access to your system if your website does not have sufficient password protection.

If your website allows customers to sign in, make sure to apply these steps and constantly impose these reminders. For example, some websites will require their users to create strong passwords with capitalization variety, special symbols, and numbers upon sign up. You can also regularly remind them to change their passwords every now and again.

5. Vulnerabilities in Cross-Site Scripting

Cross-site scripting (XSS) is a different type of security vulnerability in website design. When JavaScript codes are added to a website, they can target and tamper with client scripts, resulting in XSS.

Users’ sessions are hijacked by these scripts when they utilize a website’s search function or leave comments. As a result, it has the potential to smear the website and redirect users to a website that may steal their personal information. Utilize HTTP, use suitable headers, filter your input on arrival, and use Content Security Policy to avoid this.

Bottom-line

Business has migrated and evolved to adjust to the changes brought by the internet. This means new problems and vulnerabilities, which you should already be looking out for.

So, as your business grows, make sure your data, websites, and your customer’s data are safe from malicious entities.

The post Cybersecurity Vulnerabilities You Need To Address ASAP appeared first on SiteProNews.

Understanding the Three A’s of Cyber Threat Intelligence:

• Assess your environment: While you may be aware of the common threats and the mitigation measures required for each one of them, it does not necessarily mean you can use the same tactical measures to deal with a Zero Day. It is always imperative that you have ample visibility in your network and rigorously stress test the system to identify gaps and weaknesses.
• Awareness surrounding your environment: while the first point focuses on the one’s own network, it is important to be aware of the threats that ail the global landscape. While it’s a common knowledge once a Zero Day has been exploited several times, it’s only a matter of time before patches and the updates are released to fix it. But are you aware of the attacks that slip through even before the patches are out? Yes, it happens and often is always too late to act upon. A good solution to this would be to stay up to date and nip the vulnerabilities in the bud.
• Analyze for compatibility: While one must have a network that is actively flexible to incorporate changes being made today and the ones in future, most networks unfortunately are rigid. In complex networks associated with IoT, OT or ICS equipments, such as the ones seen in industrial shop floors and huge manufacturing assembly lines, most are set up for the operational availability and the integrity of the system but not crucially for security in the zones and conduits of the network that are usually the ones to allow a threat actor to breeze around laterally in your network by the ways they are set up. Compatibility of the connected equipment and the network is always complex to analyze but it’s the most necessary one. As this may bring in complexities and gaps into the network that one might not have thought of yet.

Now that you are aware of the three A’s, its often easy to remember these steps as an AAA battery that powers your awareness and the reason why leveraging cyber threat intelligence is vital. Coming to the part where you leverage the cyberthreat intelligence is the one where you take action and improve your overall strategic resilience.

What to Consider When Implementing a Cyber Threat Intelligence Program

Here are the 7 vital points that you can implement to effectively leverage and amplify the impact of a comprehensive cyber threat intelligence program:

• IoT and OT cyber threat intelligence: In complex environments involving, IoT, OT, ICS and IIoT equipment, it is vital that your threat intelligence feeds are tailored to meet your requirements while ensuring they are contextually sound, actionable, and strengthen your threat hunting capabilities.
• Availability in real time: While most cyber threat intelligence feeds have a delay or a lag, leveraging a threat intelligence that can provide you intelligence in real time has its own added advantages. To name a few, it can help educate your teams to get a head start with building response playbooks for threats that are yet to emerge. Discover unique IoC’s (Indicators of Compromise) that can help you detect vulnerabilities much quicker than your peers or others.
• Leveraging credible cyber threat intelligence vendor: While most vendors are likely push feeds that are generally outdated or even too late to act upon, get yourself a credible threat intelligence vendor that you can trust. You can identify a credible treat intelligence vendor from their ability to source intelligence from native Honey Pots and data from externally sourced legitimate feeds that can tailor your needs.
• Get Ahead of the compliance game: Compliance roll outs are often time consuming, exhausting and often dealing with global advisories or standards which might not apply to you. With the right cyber threat intelligence feeds, you can stay ahead of the game by documenting, discovering, and detecting emerging new threats. This will help you strategically put a road map to stay compliant ahead of the game.
• Quantifiable and qualitative RoI: Justifying the RoI for a cybersecurity program is one of the toughest challenges out there and unfortunately, often not realized easily. Leveraging cyber threat intelligence will be at its effective best when it comes to justifying the investments in your cybersecurity team. It can also help showcase your ability to detect and eliminate threats, building a much ethical and highly educated workforce.
• Set industrial standards and build trust: With the ability to detect emerging threats in real time in complex environment, you can leverage the cyber threat intelligence to set industrial standards, help other organizations in your industry, but most importantly build credible trust with your prospects. Leverage this added benefit as a competitive advantage that sets you apart.
• Flexible to integrate: Leverage your cyber threat intelligence ability to integrate with your existing set up of your SOC, SIEM or SOAR systems without having to go about a hassle your way around complicated set up. If it’s worth the trouble, just recollect the ‘3^rd A’ form the triple A’s of leveraging cyber threat intelligence feeds. This will help you on the long run!

The right cyber threat intelligence feeds always set up an organization for hyper cyber resilience in the long run and effectively proven to be vital in every organization, which is why we at Sectrio are offering a 15-day free access to our IoT and OT tailored cyber threat feeds that is organically obtained from a network that houses what is arguably the world’s largest IoT and OT threat intelligence gathering network.

In addition to the above-mentioned points, do keep in mind that it is highly flexible in integrating with your SIEMs and multi-tier IT, OT and IoT cybersecurity programs. Get started with Sectrio’s free cyber threat intelligence feeds for 15 days.

The post Leveraging Cyber Threat Intelligence for an Unassailable Cyberdefensive Strategy appeared first on SiteProNews.

Machine Learning: Definition and Types

Machine learning is a branch of artificial intelligence, which is a sophisticated technology that performs tasks without human help. The algorithms are designed to learn from experience and better perform at complex tasks. Netflix’s recommendation system is a good example here.

Types of Machine Learning

The programmers or data scientists choose the type of machine learning based on the data they are dealing with. The four types include supervised, unsupervised, semi-supervised, and reinforcement.

1. Supervised Learning

Algorithms in supervised machine learning are trained based on the labeled datasets which in turn classifies the data and derives the results accordingly. Supervised learning is task-driven.

Example: Filtering out spam emails.

Algorithms Used: Naive Bayes algorithm, support vector machine(SVM), etc. are some examples.

2. Unsupervised Learning

Datasets are not labeled in this one and the algorithm analyzes the datasets and looks for the presence of any pattern in them. Unsupervised learning is data-driven.

Example: Image recognition.

Algorithms Used: K-means clustering, probabilistic clustering, etc.

3. Semi-Supervised Learning

It is a balance between supervised and unsupervised machine learning algorithms and uses a mixture of both labeled and unlabeled data sets. The semi-supervised learning model explores its understanding of the data itself.

Example: Audio and video manipulation.

Algorithms Used: Self-trained naive Bayes algorithm (natural language processing).

4. Reinforcement Learning

Learns the environment on its own and doesn’t use the sampled datasets. Reinforcement machine learning algorithm operates on the trial and error method. Bad outcomes are rejected and the system uses the correct generated results for training.

Example: Policy creation.

Algorithms Used: Q-learning.

A Word on Sophia, the Robot

Activated in 2014, Sophia is the first humanoid robot. She is smart and can not only express facial expressions but can also use humor in her words. Sophia was first launched publicly in Texas. She was also granted citizenship by Saudi Arabia. In the not too distant future, robots will be able to perform daily regular activities in the same manner that humans do in real life.

Machine Learning and Cybersecurity: Enhancing Security

Machine language is imperative to realize the dream of a digital world, giving decision-making control to machines and providing ease to human beings from working on tardy tasks. Apart from just being a helper in daily work, machine learning can also provide benefits in the department of cybersecurity, which is the most present-day demand by the institutes working on confidential data. It is imperative for companies to have a secure system that protects their confidential records and prevents any attempts of hacks. Data breaches of, for example, company profiles can significantly damage their reputation, lead to financial loss and even fines. The introduction of machine learning in cyber security can help solve the security issue present in organizations today.

The future of cyber security lies in advanced technologies like machine learning. With machine learning, we can add security systems trained to recognize the patterns and improve the security systems based on the generated outcomes. Artificial intelligence can cover the loopholes and the hidden ambiguities in cybersecurity, with advancements like facial recognition, voice recognition, eye recognition, and fingerprint recognition, etc. Moreover, technologies like an identity verification system and know your customer kyc compliance can also provide security control on login checks to stop unauthorized users from accessing and corrupting the system.

Role of Identity Verification in Cybersecurity

The addition of identity verification can provide the security of the confidential information needed at the current moment. An identity verification system authenticates the user before giving them access to their system. Identity verification solutions authenticate the identity of customers during onboarding. The verification documents presented by the consumer are verified for their originality. The user’s identity is verified with biometric verification services like Facial recognition that can use 3D mapping and analyze the skin texture along with detecting the liveness of the user.

Conclusion

The chairman of Google, Eric Schmidt, says that the press and media have immensely covered the innovation of self-driving cars and robots whereas the real future of the company lies in machine learning. Machine learning gives computers the ability to become smarter and more personal.

To wind up the whole conversation, machine learning is important, not only for digitizing the world but also for enhancing the current cybersecurity precision and improving the safety protocols of organizations.

The post Machine Learning – What It Can Bring to Cyber Security? appeared first on SiteProNews.

One of the biggest threats to your business is cybercrime. Cybercrime costs businesses billions of dollars

each year, according to the FBI, which is why it’s so important for your business to understand the threats and take steps to protect your assets in cyberspace.

Cybercriminals Target Small to Medium Businesses

The recent surge of cybercrime has even greater implications for small businesses than it does for large enterprises, simply because the vulnerabilities are more easily exploited by hackers and cybercriminals. The SANS Institute says that small- to medium-sized companies are increasingly becoming targets for cyber attacks, and while some types of attacks can be mitigated within several months, many are preventable with cybersecurity training.

The average cost of downtime for businesses is over $200,000, and that can seriously hinder a company’s bottom line. Even worse, sixty percent of affected businesses go under within six months of being victimized.

While cyber defense is an ongoing process that requires continuous vigilance, having good habits from the beginning will make it far easier to stay ahead of cybercriminals. Cyber security awareness training helps staff identify threats, minimize the risk of attack, and sharpen their ability to respond in the unfortunate event they are targeted by a malicious actor. As employees become more empowered to spot cybersecurity pitfalls, it becomes easier for businesses to protect themselves.

How a Small Business Can Prevent a Cyberattack

If you’re a small business owner, there are a few simple things you can do to make yourself a much less appealing target. A few of the most effective ways to avoid a cyber attack include:

1) Making sure that your staff knows how to recognize phishing attacks

2) Keeping all devices up-to-date on updates and software, such as installing new firewalls and anti-virus programs

3) Ensuring that you have a business continuity plan in place, which can be particularly helpful in the case of ransomware attacks or an attack on your servers

4) Being wary of suspicious emails and following secure cyber security protocols such as two-factor authentication can also help keep small businesses safe online

The Necessity of Cyber Security Training

The main reason cyber security training is a necessity is that today’s cybercriminals are becoming increasingly sophisticated, which means that even well-educated workers can be vulnerable to attacks.

In addition, businesses with an abundance of personal information about clients and employees are prime targets.

From the security perspective, it’s important to make sure everyone in an organization understands cyber defense best practices because they are all potential victims.

If a company fails to take action to protect its workers, that can lead to even bigger issues down the road when outsiders gain access to sensitive data. Without proper protection, hackers who infiltrate corporate systems gain access to huge troves of personal information, which can lead to identity theft and other malicious acts.

Although the prospect of cybercrime is frightening, companies can take proactive measures to band together their staff to fight against hackers. That includes bringing in a cyber security team to help them deal with high-risk threats.

Businesses need to create procedures so if a worker does fall for a scam, they’ll know how to react. For instance, if a business’s social media account falls into the hands of a criminal, they should have an established way to quickly reach out to their cybersecurity professional and regain control of that channel.

What is the Best Way to Train Your Employees?

Companies should consider creating a cyber security procedure manual, but the Cylance survey found employees don’t like reading these types of documents. Therefore, they should spend more time training their staff in person on what to do if they encounter phishing or malware attacks. It’s important for managers to sit down with employees and give them instructions on how to engage in their day-to-day tasks.

Conduct Penetration Testing

Another great way to train employees on how to be more secure is by conducting penetration testing. This is the process of trying to hack into a company’s system and seeing if vulnerabilities are present. If hackers can successfully infiltrate, they’ll expose weaknesses that need to be patched.

Penetration testing will provide peace of mind for business owners since their systems will have been tested, and they’ll know what needs to be strengthened.

Use Multi-Factor Authentication

It’s important for employees to utilize multi-factor authentication when accessing their company accounts. While it may seem like a hassle, the extra step will leave them more secure than they’d be otherwise. Even if someone manages to get access to an employee account, they still wouldn’t be able to access others because of the authentication. It’s also a good idea for business owners with personal accounts to use multi-factor authentication there as well, so they don’t have to worry about unauthorized use.

Be Aware of Phishing Attacks

Whenever possible, service providers should be contacted through their official domain and no other. Hackers are increasingly setting up fraudulent sites that look like the real thing to get people to enter their information or click on malicious links. If there’s ever any doubt about which site is the correct one, the URL should be referenced to see if it matches up with what would be expected. Even if a business owner thinks they’re being careful, they could still fall victim to phishing attacks if they try to access a site and it’s been changed without them knowing.

Staying Aware in Cyberspace

Every business has a target on its back, whether they’re large or small. Cybersecurity is one of the most important issues that companies will face in the 21st century. In addition to training employees, it’s essential to have a cyber insurance policy in place in case something does go wrong.

The post Why Cybersecurity Training is Non-Negotiable for Business Owners appeared first on SiteProNews.

The biggest supply chain attack of the 21st century occurred earlier this year when IT management company SolarWinds had its update server hacked and compromised by nation-state actors. The scope and impact of the data breach are still being uncovered as more than 18,000 SolarWinds customers attempt to patch and recover from the tainted update. As security experts try to repair the damages of months of undetected data extraction, companies must try to learn from the fallout as they prepare for similar supply chain attacks down the road.

Why the SolarWinds Breach is so Impactful

All of this starts with a password. In 2019, a SolarWinds password, ‘solarwinds123’, was leaked onto the public internet by an independent security researcher. According to a recent CNN report, this password was used to protect the SolarWinds file server. CNN also reports that current and former top executives are blaming a company intern for the password’s leak and the company’s recent cybersecurity scandal. Regardless of who is to blame, a password of that strength should not be used to safeguard the company hired to secure defense department emails. This is the sentiment that Republican Senator Katie Porter expressed to CNN during the fallout.

Using the password in question, Russian hackers were able to access the update server for SolarWinds’ Orion software, an “infrastructure monitoring and management” tool. The access and permissions required by Orion made it the perfect launching point for cyber criminals to invade the systems of SolarWinds customers. In accessing the Orion update server, the threat actors inserted a malicious code that every Orion owner would download during the next update. Once enough users had downloaded the update, the nation-state attackers were able to leverage all the tools and credentials that Orion had. And because the malware was integrated into the Orion code, malicious activity was that much harder to detect. As a result, the hackers were able to skim, monitor, and extract information for months prior to detection.

Putting the Fallout into Perspective

The most devastating part of supply chain attacks like the SolarWinds breach is that IT leaders do not have visibility over many of the systems, applications, and tools used by third-party vendors. 

The Guardian reported that the initial data breach happened as early as March 2020 before its eventual discovery in December. This means that Russian hackers had unauthorized access to the systems of enterprises and U.S. government agencies, such as the Department of Homeland Security, for more than half a year. Even if SolarWinds customers are able to update their Orion software and extract the existing malware, IT leaders may never fully know the degree to which their assets were compromised. Even if only a quarter of the 18,000 SolarWinds customers were attacked, the number of contacts, files, and sensitive information they extracted could have dramatic consequences if they are used in a future attack.

What makes the Solarwinds hack particularly concerning is not the number of affected customers, but the types of customers that were affected. Facebook recently had over 530 million of their users’ personal information leaked onto the Internet following a 2019 data breach. While 18,000 is significantly smaller, the size and scale of the organizations that were hit may affect an equally large number of individuals. Most of the clients affected by the Solarwinds breach were not disclosed, but many Orion owners include Fortune 500 companies across North America, Europe, Asia, and the Middle East. NPR cited SolarWinds’ recent findings, which estimated that about 100 companies and a dozen government agencies were successfully compromised. Of the notable SolarWinds clients, Microsoft, Intel, Cisco, the U.S. Treasury, Justice, and Energy departments, and the Pentagon were also compromised in the attack.

What Have Security Experts Learnt From the Attack

Who protects the cybersecurity team? This is the question that many IT leaders were forced to ask when one of their own network monitoring tools was compromised and used against them. Due to the size and complexity of modern corporations, IT executives must utilize systems and technologies that support widespread surveillance and threat detection. Unfortunately, what the SolarWinds hack has revealed is that even these security tools are susceptible to attacks. Not only do security experts need to monitor their company networks, servers, and IoTs, they must also regularly inspect their monitoring systems.

What supply chain attacks like this highlight is the need for 360-degree cybersecurity. This means having a digital and physical security program that mitigates the attack risk against every possible entry point.

The post What the SolarWinds Hack Means for the Future of Cybersecurity appeared first on SiteProNews.