Remember Emotet? Well, it’s back.
In case you don’t know, Emotet is one of the biggest cyber threats in recent years.
This damaging malware oftentimes gains a foothold in a system through a macro virus in an email attachment.
“Clever social engineering on the part of the threat actors can make detecting these malicious emails difficult,” said Brian Walker.
“These emails may look like they’re coming from a colleague, they may seem to be a continuation of a past email thread, or they may reference a timely topic in your line of business.”
The Emotet backdoor is typically installed via a macro-enabled Word document. PDFs or hyperlinks within the body of the email can also cunningly link to these Word documents.
While more and more people are becoming better educated about email security issues, the sophisticated nature of the Emotet attacks as well as the volume (1.8 million malicious emails were blasted out in a short period last February) make it a potent threat.
“Once Emotet gets in, worm-like self-propagation features allow it to spread across networks at terrifying speeds,” said Aaron Allen. “The threat actors can steal account credentials and proprietary or sensitive information. Emotet can even download and install additional malware, such as TrickBot, which steals bank logins, tax information, and other financial details. Emotet has also been known to lay dormant, ready to launch future attacks.”
In other words, Emotet is bad news. Recovery in the aftermath of an Emotet attack can be extremely costly, and the hit to your reputation can be tough to shake.
Here are 4 tips to help defend against Emotet:
- Ensure you keep everything patched and up to date so known vulnerabilities are shored up.
- Keep your staff educated on malicious emails.
- Be wary of emails that seem out of place, even if they appear to be from colleagues or friends.
- Be especially wary of attachments. Watch out for PDFs and Word documents.
Need more advice? Sign up for our blog or contact us today!
The Basics of PCI Compliance
Does your business accept credit cards? Of course it does. Regardless of what industry you are in, your customers are now using payment cards for a large portion of their retail transactions both online and in-store. To protect consumers, there has been a compliance standard enacted by credit card companies. Today we will look at this standard, known as PCI Compliance.
Introducing PCI DSS
With so many people using credit, debit, and prepaid gift cards to pay for goods and services, the economic ramifications of digital payment fraud, data loss, and other side effects of continued reliance on these methods of payment have led the companies that issue these cards to band together to create what is now known as the PCI Security Standards Council. Since its inception in 2006 the PCI Security Standards Council has been overseeing the establishment and coordination of the PCI DSS, or Payment Card Industry Digital Security Standard. Let’s take a look at how PCI compliance works.
Taking a Look at PCI
PCI DSS was established in 2006 by credit card companies as a way to regulate business use of personal payment card information. That means all businesses. If your business processes or stores payment card information as a means of accepting digital payment, you need to maintain your PCI compliance. PCI DSS demands that businesses satisfactorily take the following steps:
- Change passwords from system default
- Install sufficient network security tools (antivirus, firewalls, etc.) to protect card data
- Encrypt transmission of card data across public networks
- Restrict the transmission of card and cardholder data to a “need to know” basis
- Assign a user ID to every user with server or database access
- Make efforts to protect physical and digital access to card and cardholder data
- Monitor and maintain system security
- Test system security regularly
- Create written policies and procedures that address the importance of securing cardholder data
- Train your staff on best practices of accepting payment cards
While many businesses already do these things in the normal course of doing business, if you currently don’t and you still allow for the use of payment cards, your business could have a problem on its hands.
Business Size and Compliance
Once you understand what you need to do to be PCI compliant, you then need to comply with the standards of your business’ merchant status. They are defined as follows:
- Merchant Level #1 – A business that processes over six million payment card transactions per year.
- Merchant Level #2 – A business that processes between one million and six million payment card transactions per year.
- Merchant Level #3 – A business that processes between 20,000 and one million e-commerce payment card transactions per year.
- Merchant Level #4 – A business that processes fewer than 20,000 e-commerce payment transactions, and fewer than one million overall payment card transactions per year.
Because a business with more transactions has more opportunities to mishandle payment card data, it is required to do more to prove compliance than a smaller business. Here are the expectations for businesses in each merchant level:
Merchant Level #1
Doing massive business online and otherwise brings with it more responsibility. To maintain PCI compliance, Level one merchants need to:
- Perform a yearly Report on Compliance (ROC) through a Qualified Security Assessor (QSA)
- Allow an Approved Security Vendor (ASV) to complete a quarterly network scan
- Complete the Attestation of Compliance Form for PCI Council records
Merchant Level #2
As transaction volume decreases, the standards become less stringent. Level two merchants need to:
- Perform a yearly Self-Assessment Questionnaire (SAQ)
- Allow an ASV to complete a quarterly network scan
- Complete the Attestation of Compliance Form for PCI Council records
Merchant Level #3
Many medium-sized businesses will fall under this level and need to:
- Perform an SAQ
- Allow an ASV to complete a quarterly network scan
- Complete the Attestation of Compliance Form for PCI Council records
Merchant Level #4
The majority of small businesses fall into level #4 status and, like levels two and three, need to:
- Perform an SAQ
- Allow an ASV to complete a quarterly network scan
- Complete the Attestation of Compliance Form for PCI Council records
Businesses that are non-compliant will face fines, extra scrutiny, or risk having the privilege of accepting payment cards officially revoked. If you have questions about the particulars of PCI DSS compliance, contact the knowledgeable professionals at Thrive today.
Free Assessment
You’re paying your IT guy to keep your computer network up and running smoothly. So why do you still have all these problems?
When it comes to the management of your computers, you need someone reliable and trustworthy. Data is the lifeblood of just about any business, and your IT services provider helps you keep it secure while giving you a competitive edge with an efficient, well-managed network.
Looking for a change?
Thrive has a high customer satisfaction rate and an experienced team that’s ready to give your network the world-class treatment it deserves.
Claim your free, unbiased IT Assessment today. Contact us today and one of our network experts will get back with you promptly.
Declare Freedom From Computer Problems!
Want to keep your systems safe and efficient?
Follow these five tips to avoid expensive and potentially catastrophic computer network failures.
1. Have off-site backup.
Relying on onsite backups? What happens if the building gets destroyed? Or your whole network (backups included) gets encrypted and held for ransom? A comprehensive backup plan includes off-site backups, which are extra copies of your data stored in geographically distant locations. In the event of total disaster, you’ll have the building blocks to get back to business.
2. Centralize your data on a server.
Want to increase efficiency, foster collaboration, and improve security in your office? Get a server. Managing email, facilitating file sharing, running applications that require secure databases, and overseeing network security are all things that deserve a dedicated server.
3. Keep your anti-virus patched.
Patches oftentimes address new threats and vulnerabilities. So, not updating your anti-virus and other security software is akin to leaving doors and windows open for cyber attackers. Be vigilant about updates. Better yet, institute a patch management service.
4. Make sure your acceptable use policy is up to date. And enforce it!
It’s often said that the weakest link in your network security is your people. Clicking a malicious link, visiting a bad website, and downloading questionable software are all mistakes your staff can make that can lead to devastating results. An acceptable use policy spells out the things users can and can’t do in the network, encouraging responsible computing. Don’t be afraid to enforce your policy.
5. Perform scheduled patch maintenance for every computer.
In the same vein as #3 above, you should keep every computer in your network patched to ensure vulnerabilities are shored up. This should be performed at least bi-weekly for best results. Scheduling patch maintenance is the perfect way to regulate this.
—
Ready for IT peace of mind? Follow these tips, keep your systems patched, and ensure your users exercise responsible computing.
Want a free network consultation? Contact us today to schedule time with one of our networking and security experts.
Ransomware Strikes Alabama Again
A successful cyber attack on a prominent Alabama city’s computer systems underscores the need for not only strong network security, but also a comprehensive business continuity and disaster recovery plan.
Florence, northwestern Alabama’s primary economic hub, per Wikipedia, agreed to pay almost $300,000 to cybercriminals. Why?
Early in June, DoppelPaymer successfully launched a cyberattack, unleashing ransomware onto Florence’s network.
Ransomware encrypts the data in a network, rendering the whole system useless. The criminals will then demand a ransom, typically in bitcoin, in exchange for the decryption keys which will unlock the data.
The DoppelPaymer ransomware gang is known for stealing large amounts of data from the target network before deploying the devastating ransomware. Thus, in addition to the ransomware, there is also the threat of having the stolen data published or sold on the dark web.
The city was actually warned by a security researcher in late May, almost two weeks before the successful attack, but sadly it may have already been too late at that point.
“The danger of ransomware is real,” exclaimed Brian Walker. “All organizations, businesses, and municipalities need to make cybersecurity a top priority.”
“Having a sound backup plan is a vital part of your security,” said Aaron Allen. “If your layers of security fail, your backups are the perfect last line of defense. Being able to promptly restore from a recent backup minimizes costly downtime and allows you to get back to business.”
Contact us today for a free network security consultation.
Is Cloud Computing Right for Your Business?
Get a free cloud cost analysis
Don’t upgrade your server until you read THIS:
Cloud computing can certainly save you money.
With more people working from home, now may be an excellent time to consider utilizing the cloud for your servers and workstations.
BUT, the cloud may not be right for you.
Pros include:
- Lower cost
- Better reliability and uptime
- Exceptional scalability
- Simplified management
Cons include:
- Security issues
- Heavy reliance on internet connectivity and bandwidth
- Reduced control and management options
- Potentially limiting contracts
Make sure you do your homework before you make the jump. Let Thrive help!
We will perform a two-hour cost analysis and take inventory of your current environment and see how your employees currently use their workstations and your network. We will also look for potential security problems and other hidden loopholes.
Contact us today to get started.
Fortune 500 Company Suffers Data Breach Due to Phishing Email
Cybersecurity: Everyone agrees it’s a necessity these days.
As you continue to strengthen your company’s network defenses, don’t forget what’s often the weakest link in the chain: Your people.
Magellan Health, a Fortune 500 company, recently suffered a data breach due to a phishing email. After the company became aware of the attack, they hired a cybersecurity firm to assist. They discovered the attackers were able to exfiltrate clients’ personal information from a corporate server.
Again, it’s of utmost importance you educate your staff on current threats and common ways cybercriminals dupe their victims.
Phishing emails and social engineering are utilized in a large portion of data breaches, and thus should be discussed.
Ready to raise your cybersecurity IQ?
Sign up for Thrive’s blog for easy-to-follow yet powerful ways you can thwart the bad guys.
Report Shows Paying Ransomware Criminals Doubles Clean-Up Costs
Does it pay to give in to ransomware criminals?
Well, according to a recent study, paying off the bad guys may actually result in a doubling-up of clean-up costs.
Based on new research conducted by Sophos, companies hit with ransomware that refused to pay the ransom paid, on average, $730,000 in recovery costs.
Yes, that’s quite a sum. But check this:
According to the same research, companies hit with ransomware that did pay the crooks paid, on average, $1.4 million in recovery costs.
While many experts believe ransomware ransoms should not be paid, some companies have paid them out of desperation. Each case is different, but this new research is certainly illuminating.
“In any case, a company should have good network security and a good data backup process in place,” remarked Aaron Allen. “Security should be layered, providing overlapping defenses that make it harder for criminals to break through. And backups should include offsite replication to ensure your data lives no matter the circumstances.
“All this should make the issue of paying ransoms moot. Your security makes it difficult for your data to be harmed or held for ransom. And in the case of disaster, you can restore your data and get back to business promptly.
“Ready to thwart the ransomware criminals? Get a free security or data backup consultation. Contact us today.”
Two-Factor Authentication: What Is It and Why Use It?
And the more security layers you have, the better.
Enabling two-factor authentication (2FA) adds a potent layer, making it harder for hackers to get into your accounts.
In a typical 2FA scenario, after a user enters a password, they will receive a one-time code via SMS on their phone which they will have to enter to proceed.
Although no security is 100% foolproof, 2FA can dramatically cut down the chances a hacker makes it into one of your accounts.
If you need food for thought, here are some cybersecurity statistics that may alarm you.
- 61% of people use the same password across multiple accounts.
- 81% of breaches are a result of weak passwords.
- 47% of phishing emails are successful.
When you consider stats like these, the typical network appears ripe for a successful hacker attack.
By enabling two-factor authentication, you take back the advantage.
Get a free two-factor authentication consultation
Ready to learn how two-factor authentication can significantly improve your company’s network security? Get a free phone or video consultation with the cybersecurity experts at Thrive.
Facebook Quizzes = Identity Theft Risk?
Enjoy taking social media and Facebook quizzes? Beware of giving away too much personal information.
Even before the stay-at-home life we’re living now, social media quizzes have been very popular.
They typically take a nominal amount of time to complete, and it can be fun to compare your answers with those of all the other people who’ve taken the same quiz.
Now that many people have increased free time on their hands, these quizzes can be even more irresistible.
“While these social media and Facebook quizzes can seem harmless, these should typically be avoided,” said Aaron Allen. “These quizzes can ask for things like the name of your first pet, your childhood best friend, or your birth city. If you think about it, these are the same types of things that are used for your security questions when you’re setting up, say, an online bank account.”
A popular questionnaire invites you to share a picture of every car you’ve ever owned. Tread carefully, because a common security question is, “What was your first car/vehicle?”
Other questions that could provide scammers personal content include:
- What is your mother’s maiden name?
- What is your date of birth?
- What is your favorite color?
- In which year did you graduate high school?
- What is the name of the street you grew up on?
Quizzes aren’t the only place where you can overshare.
Blog posts, social media, and any public online forum are areas where you may unwittingly provide too much personal information.
“Always be vigilant online,” stressed Allen. “If you have a funny feeling about something, avoid it. You never know how information you share will be used – or abused.”