Cyber Security Archives -

Cyber Security

Russian Cyberattacks on Critical Infrastructure: What You Can Do to Protect Yourself

March 23, 2022

It’s been revealed that Russia is exploring options for potential cyberattacks to target U.S critical infrastructure, including our power grid, water facilities, and even our airports. This is a huge threat, and we need to do everything we can to protect ourselves. The White House is urging private organizations to strengthen their cybersecurity defenses to prevent any future breaches or attacks on our country’s most valuable assets: its people.

If you’re concerned about Russian hackers targeting you specifically, read on for tips on how to protect yourself.

As much of the U.S.’s critical infrastructure is owned and operated by the private sector, the administration is urging private companies to take the following steps immediately to protect the critical services.

How to Protect your Critical Services?

Mandate the use of multi-factor authentication on systems to make it harder for attackers to gain access. To do this, deploy modern security tools and check with cybersecurity professionals about patching policies as well as default usernames/passwords across networks so they are useless if hackers attempt any sort of attack or infiltration into your company’s data center where servers reside that store sensitive information such as credit card numbers.
If you want to be able to protect your data, then offline backups must be done regularly and properly.
The best way to avoid an emergency situation – is by being prepared, and having a business continuity plan in place. Create exercises that teach you how to respond quickly, practice these responses often so they become second nature when needed most.
Encrypt data to prevent its use if it is ever stolen.
Employees need to be aware of common tactics that attackers use when trying to get into your computer or phone. If you’re experiencing any strange behavior such as crashes, slow operation, etc., it would be great to report this information immediately, therefore, your IT / Security company can investigate.

In closing, cyber and security issues will always be on the rise as long as we live in a technology-growth environment. The answer is not to ignore the signs, it’s to create a preventative maintenance plan. Think of your security maintenance as your everyday hygiene. The more you take care of your hygiene, the fewer visits to the doctor, and lowering emergency visits. What we focus on as the input, always becomes the output.

Please be safe, and if you need any assistance – SecurityRI is here to assist!

Security: Prevention-First Mindset

December 7, 2021

Cyber Security, Security Guard Services, SecurityRI

When it comes to security, you must form a “Prevention-First Mindset.” Many companies have this approach backward – they deal with security after the breach, damage, or customer complaints.

In business, we understand company image is everything. The impression individuals form of your business depends on a range of factors—branding, personal interactions, presence, and most of all, “reputation.”

Therefore, robust security prevention and presence can continue your positive ongoing business image.

Question: Why does my business need security? Incidents at my location never happen?

Answer: Crimes are rising, year after year, and brings us to our point of “preventative” measures. Innovative companies invest in their marketing, growth, customer service, etc. They also understand the peace of mind insurance of having security rolled into their operations. Security comes in many forms – from physical security officers, mobile patrols, surveillance cameras, cyber security, and the list continues.

Supportive data for your awareness:

The Federal Bureau of Investigation (FBI) released detailed data on nearly 8.9 million criminal offenses reported via the National Incident-Based Reporting System (NIBRS) in 2020. The Uniform Crime Reporting (UCR) Program’s latest report, NIBRS, 2020, presents data about 23 offense categories comprised of 52 offenses. It also presents arrest data for those crimes and ten additional categories for which only arrest data is collected.

Highlights of NIBRS, 2020

In 2020, 9,880 law enforcement agencies, whose jurisdictions covered more than 177.5 million U.S. inhabitants, submitted NIBRS data to the UCR Program. These agencies accounted for 62.1% of the 15,901 law enforcement agencies that submitted data to the UCR Program in 2020. Currently, the FBI does not estimate NIBRS data for agencies that do not submit it. Of the 8,879,728 offenses reported in 7,560,867 incidents, 60.5% were crimes against property, 25.2% were crimes against persons, and 14.3% were crimes against society. (Due to rounding, some percentage breakdowns may not add to 100%.) Among these categories, the offenses most reported include larceny/theft offenses, assault offenses, and drug/narcotic offenses, respectively.

Read the full NIBRS, 2020 report.

Where do I begin with a preventative approach?

You start with sealing the perimeter – by focusing on prevention. If securing with a physical security officer, you want a security team that provides a security presence, understands proper escalation processes and formal reporting; therefore, the client is always aware of their location’s situation.

Surveillance cameras: you or your service provider want to receive an alert before a crime has begun. High-end Artificial Intelligence (AI) surveillance cameras can distinguish and alert a breach by a human the minute they trigger the camera’s built-in protocols. Alerts are sent to the monitor, reacting and beginning the preventive phase.

Cyber security: Detection-based tools, on their own, can’t provide the level of protection needed to keep an organization secure. On average, most threats go undetected for upward of 100 days. Because detection-based tools rely on signatures, threats that have yet to be seen readily slip through traditional defenses. A staggering 360,000 new malicious files are detected every day. Breaches will remain a daily occurrence until cybersecurity tools can block new threats as quickly as they evolve.

Above are just a few examples of preventive security measures and scratching the surface on how intelligent and effective they can be for an individual, business, or property.

For additional information please feel to contact any of our security specialists, we’d be happy to assist.

Stay Safe,

SecurityRI

Are you Threat Monitoring?

June 18, 2019

Cyber Security

Proactive Security Against Cyber Threats

Too many organizations leave their network security to chance. If everything is running smoothly and you’ve never encountered a security breach, proactive security solutions may seem like a big investment, but have you sat down with your MSP or IT Team and looked at the list of potential expenditures associated with a data breach? Cybersecurity risk is business risk.

The Ponemon Institute estimates the breach cost of a single record to be $148. A typical breach affects 3,000 to 101,500 records, with 40% of companies being down for over eight hours after a breach occurred.

Also, cybercriminals are constantly evolving their methods—and to make matters worse many small and medium-sized business (SMBs) are prime targets for cybercriminals. According to Cisco’s 2018 SMB Cybersecurity Report, SMBs normally have less-sophisticated security infrastructure and in-house security experts:

Threats typically targeting SMBs:

Malware
Phishing attacks
Illegal file transfer
Viruses
Ransomware
Botnets
Web app attacks
Intellectual property leakage
Email spam and malware
DDoS attacks

Here are 5 Tactics Where Treat Monitoring Can Assist:

Fast Threat Detection – receive immediate alerts or know your system is being proactively serviced by your local MSP.
Consistent Security Monitoring – monitoring is 24/7, 365. Security is not efficient if it’s not operating continuously.
Alerts – you should be receiving high-level alerts from your local MSP. The alerts help the client understand the MSP’s proactive approach on keeping their infrastructure safe.
Simplified Compliance Efforts – keep it simple and secure (learn, comply, and succeed).
Remediation – you cannot keep a secure / safe infrastructure without consistent remediation. Technology is growing as we speak – so you need a company or your technology staff to learn and educate. When you find vulnerable systems, you must outweigh the risks and upgrade when the funds are available. Upgrading systems has many additional positive factors as well. Upgraded systems – make your organization more efficient, while catering to your employees.

How can SecurityRI.com help?

We can provide a non-intrusive Network Assessment (health check):

Diagnose slowness, problems or concerns you may have with your network. Our IT technicians will convert the highly confusing tech-terminology into plain English language on what is causing the issues.
Confirm you have proper security updates in place
Verify your backup procedure and ensure its operating correctly.
Check the integrity of your server(s) and workstations
Monitor your overall system performance
Answer any questions you may have with the Health Check
Secure a plan on increasing your security measures

Cyber Security Trends to Watch in 2019

January 31, 2019

Cyber Security

Another year has passed, technology has evolved and new techniques have been learned – especially for the Cyber-Thieves.

With the use of artificial intelligence (AI) and biopmetrics, hackers are using the two platforms as entry points when entering your technology device. Below we’ll highlight some of the expected threats in 2019, to be aware of.

Phishing Scams Will Become More Popular

If you think phishing scams were bad last year, 2019 will develop greatly. New attack types have been created, improved execution – especially, via e-mail.

3. Slight Decrease in Crypto Currency Attacks

In the face of huge commissions, slow transfers, a large price for integration, and, most importantly, a small number of customers, the use of crypto currency as a method of payment has declined steadily from 2017 and will continue to decline in 2019.

2. Improved Execution of Existing Attacks

In 2018, cyber attacks and data breaches continued to increase in both frequency and intensity, and organizations can expect more of the same in 2019, according to experts. The biggest cyber security event of 2018 is probably just the sheer number of data breaches that have occurred across industry sectors, some utilizing advanced attacks, others as a result of mistakes made by the affected organizations.

4. Mobile, in-app Malware

While malware that runs on the Windows operating system vastly outnumbers malware for any other platform, users of mobile devices are increasingly subject to malicious activity that pushes malware apps to their phones, tablets, or other devices running Android and iOS, according to computer network security company Sophos’ 2019 Threat Report.

5. Attacks through Theft of AI & Biometric Data

While several major leaks of biometric data have already occurred globally, the Middle East and Africa regions could see the first attacks in the theft and use of biometric data in 2019. As more biometric systems for user identification and authentication are being implemented by various financial institutions in META (Middle East, Turkey and Africa), 2019 will see criminals exposing vulnerabilities in passcodes, touch ID sensors and facial recognition.