ITS Twitter and News

news

The latest in Technology News

March 31, 2022

Phishing and Ransomware Increased Significantly in 2021

 

The 2021 threat landscape reinforced one key point: successful threat protection requires a people-centric defense. You must be a vital part of the security stack. The more informed and equipped you are from a cyber attack, the more resilient your company will be.

 

More than 1,100 phishing campaigns abused the Microsoft brand – using a Microsoft-themed lure or product to steal credentials or deliver malware. So as users of Microsoft O365, it’s essential that you stay vigilant and look for the signs that clue you in that you have received a fake email.

 

There were more attacks throughout 2021 than 2020, confirming that attackers focused on taking advantage of the new office-home hybrid work environment that many companies have adopted since the beginning of the pandemic.

Business email compromise attacks increased almost 20% in 2021, from the year prior.

Email is where you as a business person, employee, and owner need to concentrate the most to protect your company, your data, and your employees.

The moral of the story is, YOU are your biggest defense against cyber-attacks.

The more security protocols you put in place, the better off you and your company will be. Keep in mind, though: there is always the possibility of a scam getting to you. The best way to prevent yourself from falling for it, is to be aware of the signs. If you are interested in training your employees on how to be more aware, reach out to us. We have the tools to help you train your team to be vigilant against hackers. We want you as safe as possible!

Information courtesy of:

https://www.proofpoint.com/us/resources/threat-reports/state-of-phish

https://www.cisa.gov/shields-up

 

https://www.knowbe4.com/free-it-security-tools

Newspapers

news

ITS News Articles from 2021

January 31, 2021

Strong Passwords

 

Our CEO, Ryan, cannot stress enough how important it is to use strong passwords. "12-15 characters is becoming the new standard for strength. 15 is regarded as not brute-forceable," which means "the length of time it would take to try and break the password exceeds what it would be worth to get it." 

Separating passwords by groups or functions (work, financial, retail, entertainment, subscriptions) will help you remember your login information without having to write it down. For example, take a section of the password as the core that doesn't change, but make the first three and last four characters different.

Ryan continues, "Excel spreadsheets are one of the easiest ways hackers gain access to all of your credentials, even with password protection on the document. There are better options."

Finally, from our VP Of Business Development, Jay: Don't give your password to anyone, especially not to companies or emails requesting it. Also, never send passwords through email. It is open to view, and un-encrypted to the world, giving easy access to hackers and spammers.

October 1, 2021

NATIONAL CYBERSECURITY
AWARENESS MONTH

 

Here are 5 Ways to be cyber secure at work:
1. Treat Business Information as Personal Information.
Business information also includes employee personally identifiable information (PII) through tax forms and payroll accounts. Do not share PII with unknown parties over unsecured networks.


2. Don’t make passwords easy to guess. Ensure you are using difficult to crack passwords for your computers/accounts/website logins. Don’t use personal information, don’t use real words, create
longer passwords, use characters, upper- and lower-case letters. All of this will help keep you more secure. Also, don’t automatically save the passwords if you use a public or shared computer.

3. Be up to date. Keep your software updated to the latest version available. Maintain your security settings to keeping your information safe by turning on automatic updates and set your security software to
run regular scans. A friendly reminder that if you use a computer with Windows 7, you are more vulnerable now, since there are no more security updates for that OS. Call us to upgrade your computer to Windows 10.


4. Social media is part of the fraud toolset. By searching Google and scanning your organization's social media sites, cybercriminals can gather information about your partners and vendors, as well as human resources and financial departments. Employees should avoid oversharing on social media and should not conduct official business or share PII on those platforms.


5. It only takes one time. Data breaches do not typically happen when a cybercriminal has hacked into an organization’s infrastructure. Many data breaches can be traced back to a single security vulnerability, phishing attempt or instance of accidental exposure. Be
wary of unusual sources, do not click on unknown links, and delete suspicious messages immediately.

More information can be found at CISA’s website: https://www.cisa.gov/national-cyber-security-awareness-month