“Life’s A Breach”

  • 0

“Life’s A Breach”

Dear Blast Readers,

 

Does your company use third-party vendors? Do those vendors make data security a priority? Does your company allow third-party vendors to access your companies network?

 

Third-party vendors are companies that offer services that the primary company can not support. It is considered a business necessity with most companies to outsource data management, activity processing, and storage to third-party vendors. But, did you know putting your company’s data into the hands of third-party vendors puts your data at risk of being breached?

 

It is common for hackers to try and use third-party vendors to gain access to a business’s data. Yes, businesses may have their own cyber security protocols in place, but access must be given to third-party vendors. When access to a business’s network spans out to a third-party, this is when possible network security vulnerabilities are created.

 

All businesses are responsible for the data that they collect, transmit, use and process, and they are still responsible for that data even when the data is entrusted to a third party.

 

If a third-party vendor gets hacked the consequences for your business varies, depending on the seriousness of the hack. A less serious hack can cause your business to lose vital data, and confidential employee information can be compromised. If the hack is a serious hack there are a few things that can happen, ranging from intense media attention to bankruptcy.

 

Outsourced contractors are often the primary targets of data breaches. So, it is important for the third-party vendors to takes data security seriously. But, how can you be sure if a third-party vendor is a security-conscious vendor? Some signs that a third-party vendor is security-conscious are:

  • The vendors have comprehensive security policies & disaster recovery plans in place and are updated and reviewed regularly.
  • Data Back-ups and recoveries are performed regularly. In case of hardware failure, the vendor has back-up servers to avoid interruptions.
  • Internal security audits are performed regularly.
  • Employees that have access to company data are vetted carefully (thorough background checks are performed).

 

But, as important as it is to make sure that the third-party vendors take data security seriously. It is also just as important to make sure that the data is secure on your end. To do that it is important to:

  • Have a strong internal security policy.
  • Know what data is sensitive & where it is located on your system. Never give one person access to more than one portion of your sensitive data.
  • Know your responsibilities and rights, as well at know those of your providers.

 

Another important aspect of a data breach is the reporting requirements. Reporting requirements differ depending upon the state in which the breach occurs. Additionally, if a breach involves information of clients across state or country lines, other reporting requirements will come into effect. It is vital to know your state’s cyber security breach reporting requirements.

 

If you have any questions about Data Breaches, Cyber Security, Computer Forensics, or Reporting requirements contact FDS Global. You can reach us at our office at (954)727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.



  • 6

“IoT Devices Beware: The BrickerBot”

Dear Blast Readers,

 

Do you leave your IoT (Internet of Things) Devices connected to the internet? Did you know that if you leave you IoT devices connected to the internet, even when you are not using them, it opens doors allowing hackers more time to gain control of your devices? Did you know that there is a form of malware that leaves your device impossible to use once infected?

 

A BrickerBot is a form of malware that has been created to infect a collection of devices. The “Bricker” in “BrickerBot” is referring to rendering a device, or devices, completely useless or inoperable, like a brick used as a paperweight. This is accomplished when the BrickerBot corrupts the device’s storage capabilities.

 

The way in which BrickerBots behave do not always match up with the behavior of traditional botnets. A botnet is a network of devices that have been infected. Their purpose is to keep the infected devices around for as long as possible.

 

Most botnets can be used for:

  • Sending out spam.
  • DDoS Attacks (also known as “Distributed Denial of Service Attacks”).
  • Phishing Attacks.

 

BrickerBot Malware uses a “Permanent Denial of Service” attack or PDDoS attack. This is when the BrickerBot physically disables the device.

 

How?

 

The device is physically disabled when the BrickerBot corrupts the firmware on the devices. Usually the only way to fix this is to replace the device, or if possible re-install the firmware.

 

BrickerBots use a set of commands to help accomplish their end goal of “Bricking” your smart devices. These commands will:

  • Render Flash storage useless by writing random bits to the storage drives on the devices.
  • Disabling TCP Time stamps, leaving connectivity vulnerable.
  • Limiting the processes that the devices can run at once.

 

How are you supposed to protect yourself from a BrickBot?

To protect yourself and your IoT Devices from BrickBots, you should:

  • Change your login information (BrickBots come with a dictionary containing default login information).
  • Limit the internet connectivity your device has. (Leaving your IoT devices connected, especially when you are not using them, gives hackers more time to take control and infect your devices.)
  • Install updates as frequently as they become available.

 

It is important to remember:

  • Every device that is smart and/or has internet connectivity should have STRONG PASSWORDS.
  • Take security into your own hands, do not rely on default security from the manufactures. (Remember: BrickBots come with a dictionary that contains default login information. Changing your login information should make your devices harder to hack.)

 

If you have any questions relating to IoT Devices, IoT Security, Hacking, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.


  • 13

“Printers Beware”

Dear Blast Readers,

 

Did you know that 54% of employee’s say that they do not always follow the security policies put into place by their company’s Information Technology departments? * Did you know that about 51% of employees who have a printer, copier, or a multi functioning printer (MFP) at their work place say that they have copied, printed, and/or scanned confidential documents at work before? *

 

With cyber threats on the rise, it is not a shock that even printers are not safe from cyber attacks and data breaches. If a printer is connected to a wireless network and is unsecure, then it is open to hacking. Once compromised, other devices connected to the same network are left vulnerable.

 

How can a hacker gain access to a network using an unsecure printer?

 

One way a hacker can gain access to your unsecured printer is if the firmware is out-of-date. This allows the system to accept malicious lines of code. The hacker can then use the code to gain access to:

  • Print Jobs.
  • The user’s computer.

 

Another way a hacker can gain access to your unsecured printer is using a drone. Along with a drone the hacker would need a mobile phone and two applications. The two applications would do the following:

  • The first application identifies all wireless printers
  • The second application deploys malware into the printers.

 

So how does this type of drone attack occur?

 

Firstly, the hacker would fly a drone using a smart phone into position outside of an office building. Once into position, the hacker activates the two applications. Once the first application scans for open Wi-Fi printers, the second application establishes a fake access point (one that mimics the real device). Once established, the fake access point is then able to intercept documents that have been sent to the real device. With network access gained, the hacker can then in-bed malware into the company’s network.

 

When malware is installed within the network, hackers can gain access to your servers and documents by:

  • Accessing sensitive and/or confidential information.
  • Changing the printer’s settings or LCD readout.
  • Launching DoS attacks (Denial-of-service attacks).
  • Using the printer to receive and transmit faxes.
  • To send unauthorized print jobs.
  • Retrieving saved copies of documents.
  • Eavesdropping on network printer traffic.

 

To take preventative measures against attacks on your printers Some typical prevention procedures include, but are not imited to:

  • Educating Employees on the importance of security
  • Defining what constitutes a secure password
  • User identification (with PINs and other verification) for printer usage.
  • Data encryption protocols (to prevent interception of data across the network).

 

If you any questions relating to Firmware, Network Security, Printer Security, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.

 

 

*(The statistics represented in this blast were identified from: Network, C. (2013, February 07). The Hidden IT Security Threat: Multifunction Printers. Retrieved April 25, 2017, from https://www.forbes.com/sites/ciocentral/2013/02/07/the-hidden-it-security-threat-multifunction-printers/#b615affb615a )*


  • 0

“In A Day Where Everything Is Getting Smarter, It Might Be Smarter To Play Dumb”

Dear Blast Readers,

 

Did you know that 6.6 million people in the US are stalked every year*? Only 1 in 5 victims are stalked by strangers*. 85% of stalking victims know who their stalkers are*. Did you know that there are 78% of stalkers use more than 1 approach when it comes to stalking their victims*?

 

We live in a day and age where technology is continuing to get smarter. With technology getting smarter so are the cyber criminals. Today Cyber criminals are always looking for vulnerabilities and back doors to provide access to his or her next victim.

 

Recently, vulnerabilities in cyber security have been found hiding and lurking in the shadows of smart appliances. Some examples of smart appliances include:

  • Smart Refrigerators
  • Smart Slow Cookers
  • Smart Dish Plates

 

Smart Refrigerators can have 3 built in cameras, that allow you to see inside of the Refrigerators from where ever you are. They also can have the capability of streaming music, streaming videos, as well as sharing calendars, notes, memos and pictures. The Smart Refrigerators can also have voice activated features. If these refrigerators fell victim to a hack attack, then hackers would have total control over all the features.

 

By hacking the Smart Refrigerators, hackers can then peer into your life. Watching you, your spouse, and even your children with the help of the video feed that comes from the Smart Refrigerators cameras.

 

Also, they can listen to every conversation going on inside your home because of the voice activation speakers (the speakers that help to refrigerator listen and respond to your commands).

 

The Smart Refrigerators can also share calendars, notes, memos and pictures. If a hacker was to gain access to this information, it could be sold on the dark net to someone with malicious intent. But, you could also be stalked. With this information, a stalker would know your schedule, know what your family and friends look like, where your favorite places are, among other things.

 

A Smart Slow Cooker is another smart device that cyber criminals and/or hackers could use to their malicious advantages. Being a Bluetooth connected device allows the Smart Slow Cooker to connect to smartphones (both Android and iOS devices), and tablets that have the Smart Slow Cookers application. From this application, you can control all the features, including:

  • Adjusting the temperature
  • Turning the Smart Slow Cooker on/off

 

With access to the Smart Slow Cookers, hackers would be able to get into the application and mess with the settings. They would be able to turn it on and off as they pleased, they would also be able to control the heat settings, possibly being able to blow the power source creating a fire. Hackers would be able to do all of this without the consent or knowledge of the device’s owners.

 

Do you wear a fitness tracker on your wrist consistently? Do you monitor your caloric intake with said device? Did you know there is a Smart Dish Plate that can help you track your eating habits and calorie intake? The Smart Dish Plate is Bluetooth and Wi-Fi connected. It connects to your smartphone, via application, and your fitness tracker. It also has 3-mini built in cameras.

 

If hackers and/or cyber criminals were to gain control over this device, then it is likely that your phone and its data will be targeted as well. This leads to the possibly that this data could be sold on the dark net.

 

With the 3-mini built in cameras, hackers would also be able to spy on you through the camera feed.

 

By gaining access to the smart kitchen appliances, hackers can do many things without your knowledge or consent. They can control the device and all its features and they can also gain access to any other internet connected device connected the same network, including:

  • Smartphones
  • Tablets
  • Computers
  • Alarm systems

 

If you have any questions about hacking or cyber security contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please Feel free to visit our website at www.FDS.Global.

 

 

 

*(The statistics represented in this blast were identified from: Stalking Information. N.p., n.d. Web. 17 Apr. 2017.)*