“Don’t Let Your Independence Be Hacked”


Dear Blast Readers,

 

From everyone here at FDS Global, we would like to wish you a Safe and Happy Fourth of July! As we celebrate this national holiday, cyber threats are continuing to get more advanced.

 

The recent outbreak of the ransomware known as “ExPetr” is not really a ransomware attack. It is a form of malware known as a “Wiper Attack”, which can disguise itself so its victims are unaware of how serious it is.

 

A “Wiper attack” is a type of attack that sabotages PCs. It is different from ransomware because it was created to destroy the data located on the computer’s disk, while ransomware is a form of malware that blocks data and threatens to delete or publish the data unless the user pays the ransom.

How does a “Wiper Attack” destroy data?

It destroys the data on the disk by overwriting the Master Boot Record, also known as the MBR. This form of malware is called a “Wiper” because it wipes part, if not all, of the drive.

 

It can be mistaken for ransomware because the infected computer displays a message on the screen. This message states that the user’s files have been encrypted, and that if the user pays a ransom then the encrypted files will be decrypted and returned. The user is then provided with an email address to send their payment information to.

 

But little does the user know that the ransom will have no effect when it comes to decrypting their files.

Why will the ransom have no effect?

The ransom will not have any effect because the email address provided to the user is inactive. Unfortunately, even if the email was active and the ransom could be paid in full, recovery of the MBR is impossible once wiped.

 

So, how are you supposed to protect yourself and/or your organization from this type of malware attack?

Here are a few tips:

  1. Any crucial and confidential information should be stored in hardened systems, that is, systems that can only be accessed one way: through privileged connections.
  2. Important data should be backed up and stored somewhere offsite.
  3. It is important to institute and test an emergency recovery & response plan.

 

If you have any questions about Ransomware, Malware, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954)727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global. Enjoy your holiday!



“Your Medical Records Are Next”

Dear Blast Readers,

 

Have you ever worried about your credit/debit card information being stolen by hackers? Did you ever think that by visiting your doctor’s office your identity could be stolen? Did you know that, when it comes to protecting customer information, the healthcare system is behind the financial sector by about 10 years?

 

As more hospitals, doctors’ offices, and healthcare facilities go from paper records to digital records, more hacking issues are expected. More personal information can be accessed by hackers because more is accessible online.

 

One of the challenges of protecting patient data is that the data is stored digitally. When patient information is stored digitally, all devices that have access to this information have access to the internet. With internet access, these devices and the information they have access to can be breached by hackers. Data breaches can also occur when the patient data is being transmitted over the internet to the cloud. Many hospitals and doctors’ offices utilize cloud servers to store patient data without the patient’s knowledge. Hackers can exploit a vulnerability on a device that has access to the cloud, compromising millions of patient files.

 

What makes health records so valuable to cyber criminals is their personal nature and their shelf life. Health records contain information such as:

  • Policy Numbers
  • Medical History
  • Billing Information
  • Social Security Numbers

 

Some patient data, such as credit/debit card information, can be shut down when fraudulent activity is detected, but other data, such as Social Security numbers, cannot be changed that easily. So, it is important to protect that information so data breaches do not occur.

 

How can doctors’ offices, hospitals and healthcare facilities protect patient data?

There are multiple ways that patient data can be protected. Some ways include:

  • Encryption Platforms. Encrypting data makes sure that all data being exchanged is exchanged safely.
  • Back up patient records. Backing up patient records gives hackers less motivation to go after those organizations and their records. All back-ups should be kept in a secure environment.
  • Employ biometric authentication. This helps control and limit access to labs and records to only authorized personnel.
  • Device Management. Device management protects devices in case of theft.

 

If you have any questions about Hacking, Data Security, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.




“Printers Beware”

Dear Blast Readers,

 

Did you know that 54% of employees say that they do not always follow the security policies put into place by their company’s Information Technology departments?* Did you know that about 51% of employees who have a printer, copier, or multifunction printer (MFP) at their workplace say that they have copied, printed, and/or scanned confidential documents at work before?*

 

With cyber threats on the rise, it is not a shock that even printers are not safe from cyber attacks and data breaches. If a printer is connected to a wireless network and is unsecured, then it is open to hacking. Once it is compromised, other devices connected to the same network are left vulnerable.

 

How can a hacker gain access to a network using an unsecured printer?

 

One way a hacker can gain access to your unsecured printer is if the firmware is out-of-date. This allows the system to accept malicious lines of code. The hacker can then use the code to gain access to:

  • Print Jobs.
  • The user’s computer.

 

Another way a hacker can gain access to your unsecured printer is using a drone. Along with a drone the hacker would need a mobile phone and two applications. The two applications would do the following:

  • The first application identifies all wireless printers
  • The second application deploys malware into the printers.

 

So how does this type of drone attack occur?

 

First, the hacker would use a smart phone to fly a drone into position outside of an office building. Once in position, the hacker activates the two applications. Once the first application scans for open Wi-Fi printers, the second application establishes a fake access point (one that mimics the real device). Once established, the fake access point is then able to intercept documents that have been sent to the real device. With network access gained, the hacker can then embed malware into the company’s network.

 

When malware is installed within the network, hackers can gain access to your servers and documents by:

  • Accessing sensitive and/or confidential information.
  • Changing the printer’s settings or LCD readout.
  • Launching DoS attacks (Denial-of-service attacks).
  • Using the printer to receive and transmit faxes.
  • Sending unauthorized print jobs.
  • Retrieving saved copies of documents.
  • Eavesdropping on network printer traffic.

 

You can take preventative measures against attacks on your printers. Some typical prevention procedures include, but are not limited to:

  • Educating Employees on the importance of security
  • Defining what constitutes a secure password
  • User identification (with PINs and other verification) for printer usage.
  • Data encryption protocols (to prevent interception of data across the network).

 

If you have any questions relating to Firmware, Network Security, Printer Security, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.

 

 

*(The statistics represented in this blast were identified from: Network, C. (2013, February 07). The Hidden IT Security Threat: Multifunction Printers. Retrieved April 25, 2017, from https://www.forbes.com/sites/ciocentral/2013/02/07/the-hidden-it-security-threat-multifunction-printers/#b615affb615a )*



“How Your Anti-Virus Can Turn On You”

Dear Blast Readers,

 

Imagine you are sitting at your computer knowing that you did everything that you could to protect the files that are on it. You bought the best anti-virus software on the market, thinking that this would be your last line of defense. Now imagine the day you find out that your anti-virus software has been flipped and now works for the hackers. No one wants to believe that something that protects them could also be used against them. It is a nightmare when you find out that your anti-virus software is a double agent working for the hackers.

 

Anti-virus software is a computer program that is used for scanning, identifying, and removing viruses from your computer. Primarily, it is used to protect your computer. Now, imagine that this program, which has access to all your files, has gone to “the dark side” and has provided unfettered access to hackers. This type of attack used by hackers is called a “Double Agent” attack.

 

A “Double Agent” attack is an attack that takes over the anti-virus software of PCs running Windows. This type of attack is performed by hackers. Once in control of the anti-virus software, the hacker converts the anti-virus software into malware. The malware then acts on the hacker’s behalf to encrypt the files on the computer, holding them for ransom.

 

A “Double Agent” attack can compromise the 14 major anti-virus software products available. This type of attack can easily be executed by someone working out of their parents’ basement or a 13-year-old script kid. The ways in which these individuals would infect a computer with a double agent attack can include having the user:

  • Access malicious URLs
  • Download malicious attachments

 

To prevent the “Double Agent” attack from occurring, organizations and businesses should:

  • Monitor for spoofed emails.
  • Set up administration controls to prevent downloads from unknown sources.
  • Regularly update anti-virus software in all systems.

 

If you have any questions relating to “Double Agent” Attacks or Computer Forensics and Cyber Security contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.