A Cyber-Security Glossary

Cyber-security is a big issue for many companies. The feeling that you may not be protected can be a scary one, and it’s something that many enterprises grapple with. They want to stay safe, informed, and ahead of the curve. However, the more one looks into these things, the harder they can be to understand. This is why we are going to take some time today to go over some of the terminology and buzzwords that one might encounter, what they mean, and why they are important to your journey into a secure network.

Zero Trust- Zero Trust is a way to operate a network with the assumption that no trust can be given. This is not to say that you should not trust your employees, but that when it comes to who gets into your network, you do not trust that a person is who they say they are without proof. This goes beyond passwords and encompasses things such as multi-factor authentication (see next section) and other verification methods to ensure that the person trying to get in is in fact the person who should be there.

Multi-Factor Authentication (MFA)- MFA is a system in which a secondary or tertiary method is required before someone can access the network. This verification can take the form of entering a code from an email or text, using a push method, or answering a verification phone call in order to gain access after putting in one’s password.

Endpoint- An endpoint is a remote device that is connected to your network. Endpoints range from smartphones to laptops to tablets. They also include your servers and even the smart refrigerator you bought for the break room. These endpoints all access your network, which is why endpoint security is important.

Social Engineering- Social engineering is a form of treachery in which a person is convinced to act against their best interests. This includes phishing emails, USB drives full of viruses left around, and many other means. The key is the human element involved. This is why social engineering attacks are the most dangerous: the criminals use your team against you.

Ransomware- Ransomware is a malicious attack that takes your network and data hostage. The goal is to get the person or enterprise to pay a ransom, usually in Bitcoin, to the attackers in order to get their data back. This past year, major ransomware attacks were carried out against infrastructure and businesses, with no signs of slowing down.

Malware- Malicious software. The intent of malware is to steal data, be it financial information, login credentials, or other information that can either be sold or used to access your network. These attacks come in many forms, including spyware, viruses, Trojans, and ransomware.

Patch- A patch is an update put out by a software company to close holes in the software that may allow for intrusions.

Dark Web- The dark web is the third area of the internet, which requires a hidden browser and a VPN to access. The dark web serves as a marketplace for hackers to sell data, plan and carry out attacks, as well as being the home of many illicit businesses. Oftentimes bank account details, credit card information and login credentials are sold for pennies on the dollar.

Breach- A breach is when a network has been compromised. Usually this is in reference to when secure sections of a network are accessed and data has been leaked to the dark web.

Compliance- Compliance refers to the laws and procedures that must be followed to stay within the confines of the law. An example of this would be the HIPAA act, where medical practitioners are required to follow certain protocols in order to keep people’s medical information confidential. Not maintaining proper compliance can lead to steep fines and loss of consumer trust.

Risk Management- A form of proactive management in which an expert, such as Delval Technology Solutions, analyzes your current technology. This allows them to spot any risks that may be currently occurring, as well as to help identify future risks so that they can be avoided.

Phishing- A phishing attack is when a person or group of people is breached via misleading communications. This can come in the form of an email, usually with an extreme sense of urgency, that appears to be from a trusted source, or a similar text message or phone call. These texts and emails usually have an attachment or a form that appears to be from a trusted individual but in fact is from a malicious actor. The calls usually tell you that there is an extreme emergency and you need to give your information immediately.

Firewall- A network security system that controls who enters and exits the network based on preset conditions.

When you speak to a managed service provider or network service provider, keep these phrases in mind. For your cyber-security needs, having an MSP that covers all of these bases is crucial. Cyber-security is a living, breathing thing; the old ways of spam blockers and firewalls don’t hold water anymore. You need comprehensive security to keep your business safe.

Southeast Pennsylvania Flooding and Disaster Recovery

This past week, the Southeastern Pennsylvania region was hit with an unprecedented storm system. With flooding that rivals Hurricane Sandy and seven tornadoes touching down in Bucks and Montgomery Counties, the losses experienced were catastrophic for many. Families lost their homes or had their belongings flooded out. Businesses lost offices and assets, and many lost valuable time as their networks were shut down. This is why disaster recovery protocols are so important.

It has been stated in the past that a company can survive three days of downtime before beginning to approach its demise. In fact, 70% of businesses that go under for more than three days go under for good. A proper game plan and proper implementation can minimize downtime and help your business survive the wrath of a natural disaster. The best way to do this is by teaming with a Managed Service Provider such as Delval Technology Solutions to help you protect your business and act in your best interest.

The first thing to do is seemingly the most obvious: being proactive and making a plan. Take stock of all of your inventory, be it virtual or physical. This isn’t limited to things you are selling or shipping. How many workstations do you have? How many phone lines do you operate? Are there ways to better secure your facility? What disasters are you attempting to get ahead of or protect against? Where is your data going? Is there a secondary site you can move to? These are all important questions to ask yourself so you know the destination.

Proper data backup is an important part of a good recovery plan. However, just backing up your data is only one step. It has to be accessible to your team and yourself no matter the situation or location. It is imperative to test your network. This will ensure that everything is being backed up properly and is legible when you need it to be. It is also important to make sure that this data is accessible from anywhere, so that if your office is underwater and you have to work from home, you still have it. With an MSP such as Delval Technology Solutions, we handle bringing your data safely and securely to the cloud.

From there, it can be accessed remotely by your team. This isn’t limited to your data either; your software, from the 365 suite even down to your phone systems, can be accessible from the cloud.

It isn’t only a matter of your virtual data. The human and hardware factors are important as well. There is a story that gets told around the office here at Delval Technology Solutions. There was a major storm a few years back that knocked out power to a client that ran a logistics company. They were tasked with guiding and tracking trucks that were still on the road, and downtime was not something they could afford to have. They had a full backup plan and employees on site, but were not prepared for an outage of this magnitude. The DTS team worked all day and night to bring out generators to them and rewire the premises to get them back up and running, so all their data and network capabilities were accessible to keep the trucks running. Working hand in hand with the company’s team, DTS was able to ensure that the disaster, while inconvenient, was not a catastrophe.

Keeping communications up is also a key factor for companies. Clients and vendors call you daily. Your team needs to be able to continue their day-to-day operations, be it simple communications, collaborating on projects, or sending invoices. This all requires a network that can stay up and running regardless of where you are. The best way to achieve this is the cloud. A proper cloud service provider such as Delval Technology Solutions is proactive in their cloud approach, preparing you for any catastrophe before it hits.

All of this may not prevent a disaster. However, it will allow your business to bounce back instead of crashing and burning. Make your plan. Get your disaster team picked, making sure you have all the experts you need. If you don’t have them on hand, contact an MSP such as Delval Technology Solutions. Back your data up and test it, as well as test your cloud technology. Take an inventory of what you have, and finally make sure you don’t lose communication. This will help you ensure that your business isn’t a statistic in anything other than successful disaster recovery.

What to Know About the T-Mobile Hack

Hackers are back in the news this week. This time, cellular carrier T-Mobile, which is used by 104 million people on a daily basis, was hit with a massive breach. This breach exposed the data of almost 50 million T-Mobile users. This attack was not limited to current users, with former and prospective user data being compromised as well. Reported on August 15th, this breach was one of the largest attacks on a cellular carrier in recent memory. T-Mobile, the second largest cellular carrier in the country, apparently was lax when it came to securing their network.

A 21-year-old named John Binns, an American citizen living in Turkey, claimed responsibility for the attack and was able to provide proof to the Wall Street Journal and top cyber-security professionals. Binns was able to access the network via an unsecured router at a T-Mobile facility in Washington. This allowed him to navigate through over one hundred T-Mobile servers to find the information that he was looking for. Like many hackers, Binns was looking for any way he could to gain access into the network. While it took a bit of time, within a week Binns had access to millions of pieces of valuable customer data.

This data consisted of full names, birthdates, credit card numbers, social security numbers, driver’s license numbers and bank account information. "I was panicking because I had access to something big. Their security is awful," Binns recounted to the Wall Street Journal. "Generating noise was one goal." Unlike many hackers who wish to hide behind anonymity, Binns was more brazen, speaking to reporters from both Motherboard and Bleeping Computer, two of the country’s top tech publications. He explained that he had routed around the servers and found the treasure trove, an Oracle database server full of customer information. He even shared screenshots showing his connection to the server to prove he was the man behind the attack.

T-Mobile eventually recognized they were breached and forced Binns out of the server, but not before he made copies of what he claims is 106 GB of customer data. In fact, he did drop a trove of data onto the dark web, which is where most stolen data ends up, and sold it for six Bitcoin, which as of this writing has a value of three hundred thousand dollars.

Binns’ reasoning for the attack is as follows. He claims that he was accused of being part of a botnet gang by the FBI and the CIA. He further alleges that the agencies removed him from Turkey and brought him to Germany, where he was tortured for days. In fact, he went as far as to file suit against the agencies, alleging that he was subject to illegal break-ins and wire-tapping by the agencies and accused of being a member of ISIS, which he fervently denies. In a message relating to the attack shared via Twitter, Binns said "The breach was done to retaliate against the US for the kidnapping and torture of John Erin Binns (CIA Raven-1) in Germany by CIA and Turkish intelligence agents in 2019. We did it to harm US infrastructure." While he has neither confirmed nor denied being tied to a hacking group, he did acknowledge that he needed help getting into the servers.

Unit221B LLC, a cyber-security company, made T-Mobile aware of the attacks after finding the data on the dark web. T-Mobile officials have stated that they are currently cooperating with law enforcement in an ongoing investigation. Due to this attack, T-Mobile has partnered with cyber-security agency Mandiant to conduct a full-scale investigation of the attack. They have also claimed to have notified most if not all current and past customers, as well as prospective customers, that were affected by the hack. The carrier has stepped up security features offered to their customers, including two free years of identity theft protection and a scam sweeper app, and is now offering what they refer to as “Account Takeover Protection”. They have urged all their customers to reset their passwords on all platforms.

While this is the biggest attack to be carried out on T-Mobile, it isn’t the first. In fact, the company has been breached four times since 2018, the largest previously being a breach of 200,000 users’ data. Another attack saw the logins of company employees being released to the dark web. Attacks such as these have seen nearly a 500% increase since 2019. The methods of these hackers are becoming more evolved and more invasive by the day. This is why proper cyber-security for your enterprise is invaluable. While there are many steps that you can take on your own, such as proper password maintenance and running firewalls and anti-malware software, it is no longer enough to stop there. Partnering with a security-minded MSP, such as Delval Technology Solutions, can make the difference between having a minor hiccup and losing thousands if not millions of dollars in data, as well as the trust of your employees and clients. For more information, a system assessment, and a free dark web report, where the dark web is scoured to see if any of your data has been compromised, reach out to Delval Technology Solutions today.