Category: Security

COVID-19 isn’t stopping the online scammers

Unfortunately, scammers are taking advantage of the spread of coronavirus to exploit the fears of consumers across Australia.

Scammers are doing things such as falsely selling coronavirus-related products online, and using fake emails or text messages to try to obtain personal data.

Other scams include phishing emails and phone calls impersonating the World Health Organisation, government authorities, and legitimate businesses – including travel agents and telecommunications companies.

Current common types of coronavirus scams

  • phishing emails and phone calls impersonating the World Health Organisation, government authorities, people confirmed to have the coronavirus, and legitimate businesses such as travel agents and telecommunications companies
  • misinformation about the coronavirus sent by text, social media and email
  • products claiming to be a vaccine or cure for the coronavirus
  • investment scams claiming coronavirus has created opportunities.

Subject lines used in fake emails

  • CORONA Virus Update on our Premises ID
  • Coronavirus Sensitive Matter
  • COVID-19 update
  • COVID info #
  • Covid_19 medical support
  • COVID_19 Designated Free Testing Centres in your Locality
  • COVID-19 alert id

If you’ve been scammed

Here’s what to do if you think you’ve been scammed:

  • Contact your bank or financial institution
  • Report it to ScamWatch

Trusted sources

  • Centrelink and the ATO will only send communications via the myGov portal. You will likely receive a text message alerting you to a new message, but that alert will not include a hyperlink; treat any text with a link claiming to be from them as a scam.
  • Use trusted sites for online shopping, that offer recourse if you are unhappy with your purchase or the goods are faulty. These include most of Australia’s online retailers and eBay.
  • Check out ScamWatch to see the latest known scams and how to avoid them.

What is Disaster Recovery Testing?

The purpose of IT disaster recovery testing is to discover flaws in your disaster recovery plan so you can resolve them before they impact your ability to restore operations. Small to medium businesses should treat DR testing as an essential part of running their business. Regular testing is the only way to be confident you can restore business operations quickly following an outage.

So, you’ve recovered from the shock of a disaster due to server failure or a recent flood that damaged all your computers, and you probably thought the worst was over. Unfortunately, you may not be out of the woods yet. You backed up all your important data, but when you try to restore it you find out the backups failed.

What and When to Perform a Disaster Recovery Test
Disaster recovery testing is how you validate your business continuity plan. Depending on the solution, you should test that your backups are recoverable through:

  • Your onsite-business continuity device (to ensure that your device can recover your data in seconds right from the device itself)
  • The cloud-to-onsite location (to check download speeds and effects on resources)
  • Offsite-cloud virtualization, also known as disaster recovery as a service (DRaaS)

Your first disaster recovery test will likely be an eye opener, but it will make it easier to identify and resolve issues. Testing every quarter will validate that you’re doing the right thing for your business.

From Quarterly Testing to Daily Verifications
For most businesses, quarterly testing isn’t enough; you never know when you’ll need to recover. Luckily, you can confirm that backups are working even without a full disaster recovery test.

If you work with a Managed Services Provider like National PC, make sure they have proof of your daily backups. An email alert or report after a backup only confirms that the backup job ran; it does not prove the backup can be restored. To determine that, the backup has to be booted as a virtual machine and checked.

Another option is daily screenshots that prove your backup worked. A screenshot is emailed to you or the Managed Services Provider maintaining your network, showing the login screen of whichever machine was backed up. These aren’t screenshots of your actual machine; they’re screenshots of your backups booted as virtual machines. This is good evidence that the system image is recoverable, with one caveat: a login screen shows the image boots, not that the applications and data inside it are intact, so it complements rather than replaces periodic full restore tests.

The best solutions give you peace of mind that your business is protected from data loss and downtime. The worst time to find out that a backup didn’t work is when you really need it. Disaster recovery testing should be a part of your overall business strategy with the help of your business continuity provider.
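The point above, that a "backup completed" notification is not proof of a restorable backup, can be checked mechanically. The following is an added example (not National PC's tooling or any vendor's product) of a daily verification: at backup time a manifest of file sizes and SHA-256 hashes is recorded, and after a test restore into a scratch directory the restored tree is compared against it. The folder layout, file contents and the truncated-file failure are constructed for the demonstration.

```python
"""Backup restore verification: added example, not National PC's tooling."""
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def write_manifest(source: Path) -> dict:
    """Record relative path, size and SHA-256 of every file at backup time."""
    manifest = {}
    for p in sorted(source.rglob("*")):
        if p.is_file():
            rel = p.relative_to(source).as_posix()
            manifest[rel] = {"size": p.stat().st_size, "sha256": sha256_file(p)}
    return manifest


def verify_restore(restored: Path, manifest: dict) -> list:
    """Return a list of problems; an empty list means the restore matches the manifest."""
    problems = []
    for rel, expected in manifest.items():
        p = restored / rel
        if not p.is_file():
            problems.append(f"missing: {rel}")
            continue
        # Size is cheap and catches truncation; the hash catches silent corruption.
        if p.stat().st_size != expected["size"]:
            problems.append(f"size mismatch: {rel}")
        elif sha256_file(p) != expected["sha256"]:
            problems.append(f"hash mismatch: {rel}")
    # Files present in the restore but absent from the manifest are reported too.
    for p in restored.rglob("*"):
        if p.is_file() and p.relative_to(restored).as_posix() not in manifest:
            problems.append(f"unexpected: {p.relative_to(restored).as_posix()}")
    return problems


def demo() -> tuple:
    """Constructed scenario: one faithful restore and one that 'completed' but is broken."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        src = tmp / "live"
        (src / "finance").mkdir(parents=True)
        (src / "finance" / "ledger.csv").write_bytes(b"date,amount\n2020-03-01,100\n" * 50)
        (src / "notes.txt").write_bytes(b"quarterly DR test checklist\n")
        manifest = write_manifest(src)

        good = tmp / "restore_good"
        shutil.copytree(src, good)
        good_problems = verify_restore(good, manifest)

        bad = tmp / "restore_bad"
        shutil.copytree(src, bad)
        # Simulate a backup job that reported success but wrote a truncated file
        # and skipped another one entirely.
        with (bad / "finance" / "ledger.csv").open("r+b") as f:
            f.truncate(100)
        (bad / "notes.txt").unlink()
        bad_problems = verify_restore(bad, manifest)
    return good_problems, bad_problems


if __name__ == "__main__":
    ok, broken = demo()
    print("good restore:", ok or "matches manifest")
    print("broken restore:", broken)
```

In practice the manifest is written by the backup job and stored separately from the backup itself, and the verification runs against a restore into an isolated test VM or directory, never against the live data.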

Here are a few tips that can help ensure your testing efforts are effective:

  • Choose Technology That Facilitates Testing: Instant recovery technology fundamentally changed how DR testing is performed by allowing users to easily spin up virtual machines and test the ability to restore operations. The testing process will vary depending on the backup system that you choose.
  • Define the Scope of Testing: Are you testing the ability to spin up a virtual machine locally? In the cloud? Both? Is the test conducted in a cloud-based environment that mirrors the production environment? Or, is the scope broader than that? Other tests might go beyond IT—testing an emergency generator, for example.
  • Test Regularly: How frequently should you perform disaster recovery tests? Unfortunately, there’s no magic number. Again, it’s a matter of balancing customer needs with your time and resources. For example, you might conduct local spin up tests quarterly and a more comprehensive cloud failover twice a year.

How Businesses Can Securely Work From Home

As the novel coronavirus (COVID-19) continues to spread, many businesses are assessing how they can prioritize their employee safety and still maintain regular business operations.

One solution is to require employees to work from home to avoid potential illnesses. To help ease the burden on businesses, Microsoft, Google, LogMeIn, Cisco Webex, and Zoom are providing free remote working tools.

With the likely increase in remote work, companies will have to prepare in various ways to avoid cybersecurity risks or interruptions to business. When supporting a remote workforce, understand that security controls shift: perimeter controls such as firewalls, DNS filtering and IDS/IPS no longer see the traffic of employees working from home. Most environments with a VPN can extend those protections to the remote user, but be sure to account for the bandwidth needed for VPN users and remote desktop sessions.

Tips from National PC

  • Use a Secure WiFi Network: If possible, work on your secure, private home network instead of relying on public WiFi. Data sent over an unsecured WiFi connection can be intercepted by anyone in range, so accessing your email account or sending sensitive data over public WiFi puts that information at risk.
  • Secure Your Home Workstation: Ensure your operating system and applications are fully patched and your anti-virus and anti-malware software is up to date. Follow the same best practices you would in the office, and report any suspicious activity or concerns to internal IT or your MSP.
  • Coordinate With Your Internal IT or Managed Services Provider: When working remotely, continue your typical cybersecurity best practices and reach out with any questions or concerns. Business owners should coordinate with their internal IT department or Managed Services Provider prior to working remotely. If you have a company-provided laptop this should be straightforward, but if you have to work from home on your own computer, your IT department or MSP will advise whether this is possible and, if so, how to do it securely.

Web Conferencing Security

In light of COVID-19, many businesses and individuals are now turning to web conferencing systems, like Zoom, Skype, Google Hangouts, GoToMeeting and Cisco WebEx to connect online.

Web conferencing systems are great for providing real-time chat, being able to see and hear other participants and in some cases, to share or transfer files.

As we increasingly use web conferencing to keep in touch from home, cybercriminals may look to take advantage – attempting to intercept sensitive conversations, or tricking people into downloading malware on their devices.

How to stay safe when using web conferencing technology

Whether you’re a business considering different web conferencing options, or an individual running a conference call, there are simple steps you can take to make sure you’re using the technology securely and reducing your exposure to cybercriminals.

For businesses

  • Check the protections used by the provider. For example, depending on what country they’re based in, the provider may be subject by law to covert data collection requests and access. You should also read the provider’s terms and conditions carefully, paying close attention to conditions like whether the service provider claims ownership of any recorded conversations and content.
  • Check that the provider offers multi-factor authentication for users to access the system.
  • Check what information is collected by the service provider and how it is used. Such information can include names, roles, organisations, email addresses, and usernames and passwords of registered users. This will help inform what the privacy, security and legal risks are with using a provider.
  • Review the provider’s security documentation, such as terms and conditions, against your organisation’s security needs. For instance, would accepting any of their security conditions breach your organisation’s liability rules, particularly around data handling and storage?

For individual users

  • Establish your meeting securely: send the meeting link and its passcode or logon details separately, through different channels where you can (for example the link by email and the passcode by an encrypted messaging app). Do not share website links or logon details on publicly-accessible websites or social media.
  • Be mindful of the sensitivity or classification of your conversations.
  • Be aware of your surroundings and use a private room or headphones if possible. If around others, keep the microphone on mute unless speaking. This helps to ensure sensitive conversations aren’t accidentally overheard.
  • Where video is required, try to position your camera so it is only capturing your face, so that again, it doesn’t broadcast private or sensitive details in your background.
  • Only allow invited participants to join the meeting – and be aware of any unidentified conference participants (ask people to identify themselves).
  • Only share individual applications when screen sharing, rather than your whole screen so you don’t share more content than is needed.
  • If you’re using a web conferencing solution on your personal device, make sure you have the latest software and security updates installed. This will help prevent cybercriminals using weaknesses in software to access your devices.

The Australian Cyber Security Centre has developed guidance, which we encourage you to follow and share with your colleagues, staff, customers and other contacts.

Create better passwords – from basic to best!

Strong passwords are your first line of defence against cybercriminals. Check out our top tips on creating strong passwords.

We access so many different online services every day that it’s easy to suffer password overload. It is tempting to use the same password across lots of accounts, or to change just a character here and there. The US National Institute of Standards and Technology’s Digital Identity Guidelines (NIST SP 800-63B) recommend dropping complexity requirements such as “must contain a number or special character” in favour of longer passwords, checked against lists of known-compromised passwords.

Password length has been found to be a primary factor in characterizing password strength. Passwords that are too short yield to brute force attacks as well as to dictionary attacks using words and commonly chosen passwords.

The reason to protect your services with a secure password is to prevent cybercriminals from using it to commit a host of cybercrimes like:

  • sending emails from your accounts
  • withdrawing money from your bank accounts

The good news is that you can reduce the password burden and still have great password security if you follow our simple tips.

  • Change the default passwords on your devices. Many smart devices, printers and home internet routers from your ISP, come with default passwords, which are easily found on the internet by cybercriminals.
  • Don’t use your personal info in your passwords. Information such as your Date of Birth, children’s names and other personal information should not be used either online or offline as these are too easy to guess.
  • What is a secure password? You can make a strong password with four or more random words, giving 13 characters or more. Remember, the longer the password, the better.

It is vital that you don’t reuse the same password across accounts: one breached site then exposes all of them. A password manager makes a unique password for every account practical.
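The length-over-complexity approach described above translates directly into code. The following is an added example, not code from National PC or from NIST: a checker that enforces minimum length, screens against a common-password list and personal information, and a passphrase generator that draws random words with Python’s `secrets` module. The common-password set and the word list are small constructed stand-ins; a real deployment would use a breached-password corpus and a large word list such as the EFF diceware list.

```python
"""Password length checks and passphrase generation: added example, not National PC's code."""
import math
import secrets

# Constructed stand-in for a breached-password list; real deployments use a large corpus.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome1", "p@ssw0rd", "summer2020"}

# Small constructed word list; a real one has thousands of words (e.g. the EFF diceware list).
WORDLIST = ["anchor", "bright", "cactus", "dolphin", "ember", "falcon", "garden", "harbour",
            "island", "jigsaw", "kettle", "lantern", "meadow", "nickel", "orchid", "pepper"]

MIN_LENGTH = 13  # the article's recommendation: four random words, 13+ characters


def check_password(pw: str, personal_info=()) -> list:
    """Return the reasons a password is weak; an empty list means it passes.

    Follows the NIST SP 800-63B approach: require length and screen against
    common/breached passwords and personal information, with no composition rules.
    """
    reasons = []
    if len(pw) < MIN_LENGTH:
        reasons.append(f"shorter than {MIN_LENGTH} characters")
    if pw.lower() in COMMON_PASSWORDS:
        reasons.append("appears in common-password list")
    for item in personal_info:  # e.g. date of birth, children's names
        if item and item.lower() in pw.lower():
            reasons.append(f"contains personal information: {item}")
    if len(set(pw)) <= 2:
        reasons.append("repeated characters")
    return reasons


def passphrase_entropy_bits(n_words: int, wordlist_size: int) -> float:
    """Guessing entropy of n words chosen uniformly at random from the list."""
    return n_words * math.log2(wordlist_size)


def generate_passphrase(n_words: int = 4, wordlist=WORDLIST, sep: str = "-") -> str:
    """Pick words with the cryptographically secure `secrets` module, never `random`."""
    while True:
        phrase = sep.join(secrets.choice(wordlist) for _ in range(n_words))
        if len(phrase) >= MIN_LENGTH:  # keep drawing until the result is long enough
            return phrase


if __name__ == "__main__":
    print(check_password("P@ssw0rd", personal_info=["1984"]))
    print(check_password("Rover1984", personal_info=["Rover", "1984"]))
    print(check_password("harbour-lantern-nickel-ember"))
    print(generate_passphrase(),
          f"({passphrase_entropy_bits(4, 7776):.1f} bits with a 7776-word list)")
```

Note what the checker does not do: it never demands a digit or a symbol. "P@ssw0rd" satisfies every classic complexity rule and still fails, because it is short and on the common list, while a four-word passphrase with no symbols at all passes.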

What Is Social Engineering?

Social engineering is the act of manipulating and taking advantage of the weakest link in any organisation’s IT security defences: people.

This can also sometimes be known as “people hacking” and involves maliciously exploiting the trusting nature of human beings to trick people into performing actions or divulging confidential information like passwords and PINs.

The person or group behind the act will commonly use social pressure, deception or threats to influence a person into doing something against their interests.

Social engineering is distinct from technical hacking. Hacking involves the use of computer technologies to gain unauthorised access to systems and networks, whereas people sometimes say they were ‘hacked’ when, in fact, they were tricked into sharing their password.

Here are some examples of social engineering:

  • “Support personnel” claiming that they need to install a patch or new version of software on a user’s computer talk the user into downloading the software, and obtain remote control of the system.
  • “Vendors” claiming to need to update the organisation’s accounting package or phone system ask for the administrator password, and obtain full access.
  • Phishing emails sent by attackers to gather user IDs and passwords of unsuspecting recipients. These attacks can be generic or targeted at specific people or organisations (spear-phishing). The criminals then use those passwords to install malware, gain access to the network, capture intellectual property, and more.
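Several of the tell-tale signs of a phishing email can be checked automatically before a person ever sees the message. The following is an added example, not code from the original article or from any mail provider: it parses a message, flags a Reply-To or Return-Path whose domain differs from the From domain, urgency language in the subject, links that use plain HTTP, and links whose visible text shows one domain while the href points at another. The sample message, its sender addresses and URLs are all constructed for the demonstration; the two-label domain heuristic is a simplification of what a real tool would do with the Public Suffix List.

```python
"""Phishing indicators in an email: added example, not from the original article."""
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; no real sender, domain or URL is implied.
SAMPLE = """\
From: "IT Support" <support@example-corp.com>
Reply-To: helpdesk@mail-example-corp.net
Return-Path: <bounce@bulkmailer.example>
Subject: COVID-19 update: mandatory password reset
Content-Type: text/html

<html><body>
<p>Your password expires today. Reset it at
<a href="http://example-corp.com.reset-portal.example/login">https://portal.example-corp.com/reset</a></p>
<p>Regards, IT Support <a href="https://portal.example-corp.com/help">help</a></p>
</body></html>
"""

URGENCY = re.compile(
    r"\b(urgent|immediately|expires? today|mandatory|suspended|verify your (account|password))\b",
    re.I)


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from the HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable_domain(host: str) -> str:
    """Crude last-two-labels heuristic; a real tool would consult the Public Suffix List."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def domain_of(addr_or_url: str) -> str:
    """Registrable domain of either an email address or a URL."""
    if "@" in addr_or_url:
        return registrable_domain(addr_or_url.rsplit("@", 1)[1])
    return registrable_domain(urlparse(addr_or_url).hostname or "")


def analyse(raw: str) -> list:
    """Return the list of indicator strings found in the message."""
    msg = message_from_string(raw)
    findings = []
    from_addr = parseaddr(msg.get("From", ""))[1]
    # Replies or bounces routed to a different domain than the visible sender
    for header in ("Reply-To", "Return-Path"):
        other = parseaddr(msg.get(header, ""))[1]
        if other and domain_of(other) != domain_of(from_addr):
            findings.append(f"{header} domain {domain_of(other)} differs from From domain {domain_of(from_addr)}")
    if URGENCY.search(msg.get("Subject", "")):
        findings.append("urgency language in subject")
    parser = LinkExtractor()
    parser.feed(msg.get_payload())
    for href, text in parser.links:
        if urlparse(href).scheme == "http":
            findings.append(f"plain-http link: {href}")
        # Displayed URL and real destination disagree: the classic lookalike-link trick
        if text.startswith("http") and domain_of(text) != domain_of(href):
            findings.append(f"link text shows {domain_of(text)} but points to {domain_of(href)}")
    return findings


if __name__ == "__main__":
    for finding in analyse(SAMPLE):
        print("-", finding)
```

None of these indicators is conclusive on its own (legitimate bulk mailers also set a different Return-Path), which is why a mail filter scores them together rather than blocking on any single one.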

The theory behind social engineering is that humans have a natural tendency to trust others, which makes it easier to trick someone into divulging personal information than it is to hack an account.

Why is social engineering an issue?

Social engineering can be used to steal credentials, violate people’s privacy and to obtain ‘high-value’ information, such as intimate images or trade secrets. This type of cyber-threat can be subtle and may appear as a simple request to help a friend. Spotting social engineering attempts can be challenging.

Five steps to protect yourself against social engineering

You can decrease your chances of falling victim to social engineering by taking these precautions:

  • Set strong passwords and PINs for all devices and accounts
  • Use two-factor authentication to secure all online accounts
  • Never give out passwords and PINs and other confidential information to anyone
  • Treat unsolicited emails with scepticism
  • Review social media and other apps account activity regularly

Lastly, in the event you or your organisation falls victim of a social engineering scheme, it’s essential to back up your data. A reliable backup and recovery solution will allow business continuity and minimise the cost and risk associated with an attack.

What is Multi-factor authentication?

Multi-factor authentication (MFA) provides an additional layer of security by confirming your identity with extra information, in addition to a username and password, before access to an account is granted.

Implementing MFA is a simple way for organisations to increase the security of their accounts and make it much harder for attackers to break in than if only a password were used.

Even in the unfortunate event that the bad guys do obtain your password, they will still have to get past at least one other MFA barrier to access your account.

1 Factor Authentication > Something you know
A password, passcode or PIN that only you know. On its own this is single-factor authentication (1FA).

2 Factor Authentication > Something you have
A second factor in your possession: a one-time code from an authenticator app or hardware token, or a code sent to your mobile phone. Username and password plus one of these is two-factor authentication (2FA). Codes sent by SMS are far better than a password alone but weaker than an app or token, because phone numbers can be hijacked through SIM swapping.

3 Factor Authentication > Something you are
A biometric, such as the fingerprint or face scan used to unlock your smartphone. Combining something you know, something you have and something you are is three-factor authentication (3FA).

If you have any security concerns within your organisation or need a hand setting up MFA for your organisation, then please don’t hesitate to get in touch with us.

Using Public Wi-Fi? You may be at risk!

Everywhere you go now there are free wireless internet signs. Public Wi-Fi can be found in popular public places like airports, coffee shops, shopping centres, restaurants, hotels and more, and it lets you access the Internet for free. These “hotspots” are so widespread that people frequently connect to them without thinking twice. Picture this: you have just ordered your latte at your local coffee shop, and while waiting you check your bank account and catch up on some social media. This is a typical scenario for many of us, but you may be unaware of the threats lurking in the background on public Wi-Fi. This freedom comes at a price, and few truly understand the risks associated with these connections.

The Risks of a Public Wi-Fi

The same features that make free Wi-Fi hotspots desirable for everyday consumers make them desirable for hackers; namely, that it requires no password or authentication to establish a network connection. This creates an amazing opportunity for the hacker to get unfettered access to unsecured devices on the same network.

Snooping

Encryption normally helps protect your network traffic from prying eyes. For example, even if your neighbour at home is within range of your Wi-Fi network, they can’t see the web pages you’re viewing. The wireless traffic between your laptop, tablet or smartphone and your wireless router is encrypted (WPA2 or WPA3) with keys derived from your Wi-Fi passphrase.

When you connect to an open Wi-Fi network like one at a coffee shop or airport, the network is generally unencrypted; you can tell because you don’t have to enter a passphrase when connecting. Your wireless traffic is then visible to everyone in range. People can see what unencrypted (HTTP) web pages you’re visiting and what you’re typing into unencrypted web forms, and even which encrypted (HTTPS) websites you’re connected to, because your DNS lookups and the server name sent at the start of a TLS connection are usually in the clear. So if you’re connected to your bank’s website they’d know it, although they wouldn’t see what you were doing there.

Malware Distribution

Thanks to software vulnerabilities, there are also ways that attackers can slip malware onto your computer without you even knowing. A software vulnerability is a security hole or weakness found in an operating system or software program. Hackers can exploit this weakness by writing code to target a specific vulnerability, and then inject the malware onto your device.

Malicious Hotspot

These “rogue access points” trick victims into connecting to what they think is a legitimate network because the name sounds reputable. Say you’re staying at the Goodnight Inn and want to connect to the hotel’s Wi-Fi. You may think you’re selecting the correct one when you click on “GoodNite Inn,” but you haven’t. Instead, you’ve just connected to a rogue hotspot set up by cybercriminals who can now view your sensitive information.

How to Stay Safe on Public Wi-Fi

The best protection for your information on public Wi-Fi is a virtual private network (VPN) service, which encrypts all of your traffic between your device and the VPN provider so the hotspot operator and other users see nothing useful. Whether or not you have a VPN, follow these tips to protect your information when you use public Wi-Fi.

Don’t:

  • Allow your Wi-Fi to auto-connect to networks
  • Log into accounts that hold sensitive information unless you know the connection is encrypted; in a browser, verify the site is using HTTPS before logging in
  • Leave your Wi-Fi or Bluetooth on if you are not using them
  • Access websites that hold your sensitive information, such as financial or healthcare accounts
  • Log onto a network that isn’t password protected

Do:

  • Disable file sharing
  • Only visit sites using HTTPS
  • Log out of accounts when done using them
  • Use a VPN.
  • Make sure all your software is up to date, including operating system updates (Windows Update and the like)

Office 365 Business and Ransomware

For small to midsized businesses, Microsoft Windows-based systems remain dominant. Windows continues to be the operating system most widely used on desktops and laptops. Moreover, Microsoft Office remains the most commonly used work office suite.

So it’s no surprise that Windows systems remain the top target for ransomware, too. A stunning 100 per cent of IT professionals reported they had seen Windows systems infected by ransomware, as indicated in an IT Industry Ransomware Report. Ransomware typically encrypts your files and promises to decrypt data after a ransom payment.

The collaborative capabilities of Office 365 make ransomware defence more challenging. Before Office 365, you wrote a Word document on your laptop, saved it on your system or file server, then emailed it as an attachment to share outside your organisation. Copies of your file could exist in several places: your laptop, a file storage server, your sent email, and the inbox of the recipient.

Thanks to shared files and OneDrive sync, your data may be in more places than ever. A user who shares a document with colleagues can end up with copies on multiple laptops, because each person with editing access might sync a copy to their system. When one person gets ransomware, files get encrypted, and the encrypted versions then sync through to everyone else. The same is true for SharePoint Online. As much business-critical data lives in SharePoint Online libraries, it’s important to note that ransomware is easily spread there via the sync client. Version history and Microsoft’s restore features can help roll files back, but they are not a substitute for an independent backup that you have tested.

In fact, 29 percent of IT professionals reported that their clients had encountered ransomware that targeted Office 365. It takes just one visit to a malicious site, one accidental download, or one infected attachment to unleash ransomware.
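The sync behaviour described above also gives defenders something to watch: a single workstation encrypting files produces a burst of renames to unfamiliar extensions, content that suddenly looks random, and usually a ransom note, all of which flow through the sync client. The following is an added example, not Microsoft’s or National PC’s code, of that detection logic run over a constructed sync event log. The event format, the list of expected file extensions and the thresholds are assumptions for the demonstration; Microsoft 365 has its own ransomware detection and version history, and this only illustrates the signal such a feature keys on.

```python
"""Spotting ransomware activity in a synced library from file change events.
Added example, not Microsoft's or National PC's code."""
import math
from collections import Counter, defaultdict

# Extensions a typical small business expects in its shared libraries (assumption)
KNOWN_EXTENSIONS = {"docx", "xlsx", "pptx", "pdf", "csv", "txt", "jpg", "png"}


def shannon_entropy(data: bytes) -> float:
    """Bits per byte. Plain text and CSV sit well below 7.5 and ciphertext is close to 8;
    compressed formats (docx, xlsx, pdf, jpg) are also high, so entropy is combined with
    the rename burst rather than used on its own."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def analyse_events(events, window_seconds=60, rename_threshold=20, entropy_threshold=7.5):
    """Return {user: [window findings]} for users whose sync traffic looks like encryption.

    Each event is a dict with user, ts (epoch seconds), old_name, new_name and sample
    (the first bytes of the new content). Per user and time window we count new or
    renamed files with unexpected extensions and high-entropy writes, and look for a
    ransom note being created.
    """
    per_user = defaultdict(lambda: defaultdict(list))
    for e in events:
        per_user[e["user"]][e["ts"] // window_seconds].append(e)

    alerts = defaultdict(list)
    for user, windows in per_user.items():
        for window, evs in windows.items():
            renames = high_entropy = 0
            ransom_note = False
            for e in evs:
                name = e["new_name"].lower()
                ext = name.rsplit(".", 1)[-1] if "." in name else ""
                if e["old_name"] != e["new_name"] and ext not in KNOWN_EXTENSIONS:
                    renames += 1
                if shannon_entropy(e["sample"]) > entropy_threshold:
                    high_entropy += 1
                if "readme" in name and "decrypt" in name:
                    ransom_note = True
            burst = renames >= rename_threshold and high_entropy >= rename_threshold // 2
            if burst or ransom_note:
                alerts[user].append({"window": window, "renames": renames,
                                     "high_entropy": high_entropy, "ransom_note": ransom_note})
    return dict(alerts)


def constructed_events() -> list:
    """Synthetic sync log: one user editing normally, one whose machine is encrypting files."""
    normal_doc = b"Q1 revenue summary for the board meeting, draft three. " * 4
    encrypted_like = bytes(range(256))  # maximum entropy, stands in for ciphertext
    events = []
    for i in range(5):
        events.append({"user": "alice", "ts": 1000 + i, "old_name": f"minutes{i}.txt",
                       "new_name": f"minutes{i}.txt", "sample": normal_doc})
    for i in range(40):
        events.append({"user": "bob", "ts": 2000 + i, "old_name": f"invoice{i}.xlsx",
                       "new_name": f"invoice{i}.xlsx.locked", "sample": encrypted_like})
    events.append({"user": "bob", "ts": 2041, "old_name": "", "new_name": "README_DECRYPT.txt",
                   "sample": b"Your files are encrypted. Pay to recover them."})
    return events


if __name__ == "__main__":
    for user, findings in analyse_events(constructed_events()).items():
        print(user, findings)
```

The response to such an alert is the part no script can do for you: disconnect the affected workstation, stop its sync client so the encrypted copies stop propagating, and restore the library from versions or backups taken before the first suspicious window.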

Tips to make your workforce a security front line

Cybersecurity is something that is constantly on our mind here at National PC. According to Bloomberg, cyber security related issues cost companies around $400 billion a year.

One of the easiest ways to curb these losses in your business is to train your employees to create a more secure email environment. Staff play a crucial part in the security of your company, and employees who are unaware of the onslaught of cyber threats are a liability to the safety of your company’s data.

It is therefore of utmost importance that they are always up-to-date on the best procedures to keep the company safe.

In an effort to save you and your company from the horrors of a cyber-attack, here is a list of tips that help safeguard your business.

  • Never open links or attachments from unknown persons.
  • Don’t respond to emails that request a password change and require you to divulge personal information — no matter how official the source appears.
  • Ensure antivirus and anti-spyware software is updated on your computer.
  • Encrypt any emails containing sensitive data before sending.
  • Don’t use your company email address to send and receive personal emails.
  • Don’t automatically forward company emails to a third-party email system.
  • Create strict standards for company-related Mobile Device usage

Mobile devices have become an important tool of the workforce, and with them comes another wave of cyber threats. It is very important to make sure your employees use password-protected devices, encrypt emails containing sensitive data, and only install approved security applications, so that mobile data stays safe.