Tag Archives: Cyberattacks

Even After Multiple Cyberattacks, Many Businesses Fail to Bolster Security. Here's What You Need to Do
June 18, 2018 6:05 pm|Comments (0)

Small businesses suffered a barrage of computer invasions last year but most took no action to shore up their security afterward, according to a survey by insurer Hiscox.

It found that 47 percent of small businesses reported that they had one attack in 2017, and 44 percent said they had two to four attacks.

The invasions included ransomware, which makes a computer’s files unusable unless the device’s user or owner pays a ransom, and phishing, in which emails that look legitimate are used to steals information. The invasions also include what are called drive-by attacks, which infect websites and in turn the computers that visit them.

Despite the prevalence of the data invasions, only about half of small businesses said they had a clear cybersecurity strategy, the report found. And nearly two-thirds said they didn’t bolster their security after an attack.

Hiscox estimates that seven out of 10 businesses aren’t prepared to handle cyber attacks, although they can cost a company thousands of dollars or more and ransomware can shut down operations. Cybersecurity tends to get pushed to the back burner while owners are busy developing products and services and working with clients and employees. Or owners may see it as an expense they can’t afford right now.

Some basic cybersecurity advice:

–Back up all of a company’s data securely. This means paying for a service that keeps a duplicate of all files on an ongoing basis. The best backups keep creating versions of a company’s files that can be accessed in the event of ransomware — eliminating the need to pay data thieves. Some backups cost just a few hundred dollars a year.

–Install software that searches for and immobilizes viruses, malware and other harmful programs. Also install firewalls and data encryption programs.

–Make sure you have all the updates and patches for your operating systems for all your devices. They often include security programs.

–If you have a website, learn how to protect it from hackers, using software including firewalls. But you might be better off hiring a service that will monitor your site with sophisticated tools that detect and disable intruders.

–Tell your staffers, and keep reminding them, about the dangers of clicking on links or attachments in emails unless they’re completely sure the emails are from a legitimate source. Educate your employees about phishing attacks and the tricks they use. Phishers are becoming increasingly sophisticated and are creating emails that look like they really could have come from your bank or a company you do business with.

–Hire an information technology consultant who will regularly look at your systems to be sure you have the tools you need to keep your data safe.

–The Associated Press

Tech

Posted in: Cloud Computing|Tags: , , , , , , , , , ,
North Korea Uses Microsoft and Apple Technology for Cyberattacks, Researchers Say
June 6, 2018 6:01 pm|Comments (0)

North Korea has been cited by several governments and organizations for its hacking activities. Now, a new study of network data shows much of the technology North Korea employs for hacking comes from the U.S.

Despite trade sanctions, North Korea’s government has found a way to obtain products from Apple, Microsoft, and Korea-based Samsung to carry out cyberattacks around the world, researchers at cybersecurity intelligence company Recorded Future revealed on Wednesday. The company found that North Korea is using Windows 10, Apple’s iPhone X, and Samsung’s Galaxy S8 Plus, among other technologies, to conduct operations. However, most of the technology North Korea is using is older. For instance, Recorded Future found an iPhone 4S and Windows 7, among other products, still in use.

North Korea has been isolated from the rest of the world for decades. During that time, the country’s economy has suffered and the U.S., among others, has imposed sanctions that limit a company’s ability to export to and sell in North Korea.

To circumvent those sanctions, according to Recorded Future, North Korea has engaged in a variety of activities to obtain access to U.S. and Korean technologies.

In its report, Recorded Future said that North Korea has created fake addresses and names to sidestep sanctions — and also used shell companies and aliases outside of its borders to obtain equipment and bring it back. North Koreans living in countries where equipment from Apple, Microsoft, and Samsung can be obtained legally also play a role in the effort, according to the report.

Get Data Sheet, Fortune’s technology newsletter

“Technology resellers, North Koreans abroad, and the Kim regime’s extensive criminal networks all facilitate the transfer of American technology for daily use by one of the world’s most repressive governments,” Recorded Future wrote in its report.

In other cases, however, North Korea has obtained equipment legally. Since 2002, in fact, the U.S. has exported nearly $ 484,000 in computers and electronics to North Korea.

But, since that’s hardly enough for all of the ruling party, hacking efforts, and “elites” in the country who need the technology, North Korea has employed the other schemes, Recorded Future said.

The data sheds some light on the secretive country and could explain to some degree how it’s been able to pull off some major cyberattacks. North Korea’s hackers have previously been linked to the 2017 WannaCry ransomware attack that affected computers around the world. North Korea was also accused of hacking Sony in 2014.

“Unless there’s a globally unified effort to impose comprehensive sanctions on the DPRK, and multilateral cooperation to ensure that these sanctions cannot be thwarted by a web of shell companies,” Recorded Future wrote, “North Korea will be able to continue its cyberwarfare operations unabated with the aid of Western technology.”

Tech

Posted in: Cloud Computing|Tags: , , , , , , ,