“Don’t Let Your Independence Be Hacked”

  • 0

“Don’t Let Your Independence Be Hacked”

Dear Blast Readers,

 

From everyone here at FDS Global we would like to wish you a Safe and Happy Fourth of July! As we celebrate this national holiday, Cyber Threats are continuing to get more advance.

 

The recent outbreak of the ransomware known as “Expetre” is not really a ransomware attack. It is really a form of malware known as a “Wiper Attack”, which can disguise itself so its victims are unaware of how serious it is.

 

A “Wiper attack” is a type of attack that sabotages PC computers. It is different from ransomware because it was created to destroy the data that is located on the computers disk.  While ransomware is a form of malware that blocks data, and threatens to delete or publish the data unless the user pays the ransom.

How does a “Wiper Attack” destroy data?

It destroys the data on the disk by overwriting the Master Boot Record, also know as the MBR. This form of malware is called a “Wiper” because it wipes part, if not all, of the drive.

 

It can be mistaken as a ransomware because the infected computer displays a message on the screen. This message states that the user’s files have been encrypted, and if the users pay a ransom then the encrypted files will be decrypted and returned. The user is then provided with an email address to send their payment information to.

 

But, little does the user know the ransom will have no affect when it comes to decrypting their files.

 

Why will the ransom have no affect?

The ransom will not have any affect because the email address provided to the user is inactive. Unfortunately, even if the email was active and the ransom could be paid in full, recovery of the MBR is impossible once wiped.

 

So, how are you supposed to protect yourself and/or your organization from this type of malware attack?

Here are a few tips:

  1. Any crucial and confidential information should be stored in hardened systems. Systems that can only be accessed one way, through privileged connections.
  2. Important data should be backed-up and stored somewhere offsite.
  3. It is important to institute and test an emergency recovery & response plan.

 

If you have any questions about Ransomware, Malware, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954)727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global. Enjoy your holiday!


  • 15

“Hacker Alert: Employees Beware”

Dear Blast Readers,

 

Is your company open to cyber attacks? Do your employees take cyber security seriously? How can you get your employees to take cyber security more seriously? Did you know that many security breaches are caused from employee’s careless decisions and their lax attitude?

 

Cyber criminals gain the trust of the employees working for the targeted businesses by using social engineering tactics, but there are also other tactics that can be used.

 

One of the tactics that cyber criminals have been using is referred to as the “Business Email Compromise”. This is when cyber criminals target the employees that have access to the company’s finances. Some examples of cyber scams include:

  • Bogus Invoicing Scams. When a compromised employee’s account is requesting a payment information change.
  • CEO Fraud Scams. When the cyber criminal is pretending to be a CEO requesting an emergency payment.
  • A Compromised Employee’s account scam. The compromised account can send out a false invoice to vendors.
  • An Attorney’s Email Identity Scams. This email’s identity could be used to pressure immediate payments.

 

For the company’s safety, it is important for employees to be cautions and take cyber security seriously. Altering an employee’s behavior may seem like a challenging task. There are conditions that can be created to help reduce cyber threats, even if the threats cannot be eliminated altogether.

 

How can these conditions be created?

These conditions can be created by educating employees. It is important to remember, when educating employees, to make your message stick in their mind. To do this it is important to remember:

  • Do not use scare tactics. Treat cyber security awareness as a marketing campaign, with the purpose of persuasion.
  • Use videos and infographics.
  • Do not send out long memos, they will get ignored. It is important to keep it fun & short.

 

As important as it is to educate your employees on cyber security, it is also important to make your employees part of the cyber security process. For your companies cyber security to be beneficial it is important that your employees are trained properly first.

 

How does training employees in cyber security benefit your company?

Training employees in cyber security gives them the skills and knowledge to act as a firewall, giving your company a first line of defense.

 

Here a few steps that can help boost your companies cyber security.

  1. Make Cyber security a cornerstone in your business, and make it part of every employee’s job. By doing so, this will make your employees invested in the outcome of your companies cyber security.
  2. Create a secure log in process by: (1) Getting rid of any stick notes with usernames and passwords written on them. (2) Creating a two-factor authentication. (3) Re-set passwords monthly.
  3. Stay ahead of the everchanging security threats. Update your software & security patches frequently.
  4. Have an “onboard process” and “offboard process”. Having an “onboard process” means all new employees should be introduced to the companies cyber security policy from the start. Having an “offboard process” ensures that you can ID ex-employees that might be disgruntled and if they pose a malicious threat to your company’s data security.
  5. Make sure your company has a recovery plan & backups in place. Having daily backups offsite can help your company recovery quickly from cyber attacks. Having a recovery plan in place allows you to know the proper steps to take in the event of a cyber attack

 

* * Remember: Cyber Security is everyone’s responsibility * *

 

If you have any questions about Cyber Security Training, Cyber Security, and Computer Forensics contact FDS Global. You can reach us at our office at (954)727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.


  • 13

“Printers Beware”

Dear Blast Readers,

 

Did you know that 54% of employee’s say that they do not always follow the security policies put into place by their company’s Information Technology departments? * Did you know that about 51% of employees who have a printer, copier, or a multi functioning printer (MFP) at their work place say that they have copied, printed, and/or scanned confidential documents at work before? *

 

With cyber threats on the rise, it is not a shock that even printers are not safe from cyber attacks and data breaches. If a printer is connected to a wireless network and is unsecure, then it is open to hacking. Once compromised, other devices connected to the same network are left vulnerable.

 

How can a hacker gain access to a network using an unsecure printer?

 

One way a hacker can gain access to your unsecured printer is if the firmware is out-of-date. This allows the system to accept malicious lines of code. The hacker can then use the code to gain access to:

  • Print Jobs.
  • The user’s computer.

 

Another way a hacker can gain access to your unsecured printer is using a drone. Along with a drone the hacker would need a mobile phone and two applications. The two applications would do the following:

  • The first application identifies all wireless printers
  • The second application deploys malware into the printers.

 

So how does this type of drone attack occur?

 

Firstly, the hacker would fly a drone using a smart phone into position outside of an office building. Once into position, the hacker activates the two applications. Once the first application scans for open Wi-Fi printers, the second application establishes a fake access point (one that mimics the real device). Once established, the fake access point is then able to intercept documents that have been sent to the real device. With network access gained, the hacker can then in-bed malware into the company’s network.

 

When malware is installed within the network, hackers can gain access to your servers and documents by:

  • Accessing sensitive and/or confidential information.
  • Changing the printer’s settings or LCD readout.
  • Launching DoS attacks (Denial-of-service attacks).
  • Using the printer to receive and transmit faxes.
  • To send unauthorized print jobs.
  • Retrieving saved copies of documents.
  • Eavesdropping on network printer traffic.

 

To take preventative measures against attacks on your printers Some typical prevention procedures include, but are not imited to:

  • Educating Employees on the importance of security
  • Defining what constitutes a secure password
  • User identification (with PINs and other verification) for printer usage.
  • Data encryption protocols (to prevent interception of data across the network).

 

If you any questions relating to Firmware, Network Security, Printer Security, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.

 

 

*(The statistics represented in this blast were identified from: Network, C. (2013, February 07). The Hidden IT Security Threat: Multifunction Printers. Retrieved April 25, 2017, from https://www.forbes.com/sites/ciocentral/2013/02/07/the-hidden-it-security-threat-multifunction-printers/#b615affb615a )*


  • 0

“Beware of the Facebook Notification Virus”

Dear Blast Readers,

 

You are on your Facebook account, answering messages, liking posts, watching videos, and commenting on your friend’s photos. Suddenly, you receive a message from your friend Sam. The message contains a link to a funny cat video in which a cat in a hat is dancing with a maraca in its mouth. The message below the video says “Hilarious video. You NEED to check it out!”. Without giving it a second thought you click on the link to view the video. But, instead of viewing the video you get redirected to a site that you don’t recognize or trust. Naturally, you exit out of the browser thinking that maybe Sam has attached the wrong URL. But, it is too late. Your device has already been infected.

 

Security experts have identified a form of adware that targets social media users tricking them into infecting their own devices. It is known as the “Facebook Notification Virus”. This virus displays messages saying that they are from Facebook. The “Facebook Notification Virus” creates many different forms of messages, including:

  • Friend Requests
  • Chat Messages

 

Some of the notifications that the user received are real copies of notifications that users would see on the real social media site (making the fake notifications seem legit). While other notifications are presenting new features. The purpose of this adware is to redirect users to specific websites, most likely malicious websites, so that the user’s device becomes infected with malicious software. This virus does not just lead users to malicious websites, it also:

  • Monitors User Activity
  • Collects User Information
  • Records Browsing History
  • Tracks Cookies
  • Tracks Keystrokes
  • Tracks IP Addresses
  • Tracks Geographic Location
  • Tracks Zip Codes
  • Tracks Demographic Profiles
  • Tracks Emails
  • Tracks Telephone Numbers
  • Tracks Usernames
  • Tracks Passwords

 

After all this information is collected, the collector, hacker, will then attempt to sell your confidential information on Darknet Markets, then falling into the hands of much more malicious cyber criminals.

 

So, how does this virus spread?

 

The “Facebook Notification Virus” can be spread a few different ways, including:

  • Freeware
  • Shareware
  • Pirated copies of paid utilities.

 

Another way that it can spread is through spam emails. The sender of the spam emails wants you to open the so that his or her tool can get inside your system and infect it.

 

To protect your data and system from the “Facebook Notification Virus”, if you receive any suspicious messages from “Facebook”, you should:

  • Check your system, because you may have been infected.
  • Be careful of the software that you allow in your machine.
  • Verify the email addresses of the “companies” that have messaged you (visit the contact page on the official website of the “company” to verify the email address).

 

If you have any questions relating to the “Facebook Notification Virus”, cyber security, or computer forensics contact FDS Global. You can reach us at our office at (954)727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.


  • 0

“Is Your Phone Watching You While You Sleep?”

Dear Blast Readers,

 

Have you ever had the hair on the back of your neck stand up because you thought you were being watched? Have you ever wondered if you were being spied on? Imagine your every move being watched and listened to without your knowledge. Have you ever considered that maybe, your smartphone is watching and listening to everything that you say and/or do?

Usually, when someone thinks about a “Smartphone” you think about all the different things that you can do on the phone. The different applications that you can run. Applications like:

·        Gaming Apps

·        Messaging Apps

·        Shopping Apps

·        Social Media

·        Internet Browsers

 

Digital Forensic Analysts are worried about malware that can remotely take over features of a smartphone. With this ability, Hackers can take over, and use your phone’s camera and microphone. This lets them gain the ability to listen in to your conversations and watch you through your camera.

More times than not, these issues arise as the result of old software in need of an update. Therefore, older models of technology become out-of-date so quickly.

Security researchers have found another example on how hackers can spy on smartphone users. It might seem like a complicated process to accomplish the task of taking over a smartphone’s Camera and Microphone. This form of exploit works the same as any other form of malware. Firstly, you will be sent a message to download an app that seems real, or you could be re-directed to a secondary website. If you proceed with the download these programs attempt to gain control of the smartphone functions through security holes in the phone. Once the App is installed the hacker can collect surveillance information.

FDS’ Tips on preventing hackers from spying on your smartphone:

1.      Do not click on links sent from unknown numbers

2.      Do not click on pop-up windows with links

3.      Do not install Apps onto your phone if you are not sure who has manufactured them.

 

If you have any questions relating to our tips or computer forensics and cyber security contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.