BNMC Blog

In March, when the stay-at-home orders first came down, and businesses started asking their employees to work from home, it was obvious that many of them were not prepared for this contingency. As the pandemic has gone on, however, businesses have had to adapt. Today, we thought we would look at some of the solutions and strategies that are being used by businesses to secure their endpoints with most of their workforce out of the office. 

Business success is often tied to the quality of your business relationships, and there are many people you need to trust: suppliers who can provide you with everything you need, the team who do their jobs, and customers who turn to you because they know they need you. Unfortunately, it is possible for cybercriminals to exploit this trust to achieve their own goals.

Phishing attacks are a fashionable strategy for many cybercriminals and have been for some time. From the infamous Nigerian Prince email scam to the generic urgent message from the bank, most people have seen at least one example of phishing hit their inbox.

We’ve all seen them: the scam emails that are so obviously a scam, you have no idea why a scammer or a cybercriminal would even bother sending them. It just so happens that there is a very good reason that criminals continue to use these transparent attacks, as they have done for centuries.

With so many people working from home due to stay-at-home orders resulting from the COVID-19 pandemic, IT security may not be at the forefront of users’ minds. Unfortunately, scammers and hackers aren’t unemployed during this time and are still causing havoc for businesses of all sizes. Let’s take a look at cybersecurity during COVID-19.

When it comes to cybersecurity, automation can benefit many of your processes and protections. Let’s review how automation can be used to protect your business, and by extension, your livelihood.

The term “hacker” has firmly become a part of the public lexicon, thanks largely in part to pop culture and its liberal use of the term. However, the use of the term so frequently has effectively diluted its meaning to “someone good with computers.” In order to keep your business secure against the hackers of the real world, it may help to understand the motivations behind their activities.

Fishing - a jerk on one end of a line waiting for a jerk on the other end.
Phishing - very similar to fishing, but much more consequential.

While the word phishing is humorous and relatable due to it being derived from the word “fishing”, the consequences of falling victim to a phishing attack are far from comical. Today we will discuss just how serious these attacks can be, and the easiest way to prevent them.

With data starting to be treated more like a commodity, companies are spending more time and money attempting to secure the data they have. Some organizations aren’t successful. In 2018, over 446.5 million records were exposed, even as data breaches dropped by 23 percent to 1,244. Back in early May we took a look at data breaches over the first four months of the year. Today, we update this list.

Have you ever wondered what happens when hackers gain access to state-developed malware tools? Well, now you don’t have to; a type of malware called Double Pulsar, that has been utilized in the past by the NSA, was bundled with a Chinese hacking tool and used to carry out attacks on Hong Kong and Belgium in 2016. Needless to say, this threat is unnerving.

If you were to ask us what one of the most important cybersecurity features to have is, chances are, we’d answer “secure passwords.” Sure, this might be the answer that you’d hear from everyone, but that’s because it is really that important. For our tip, we’ll illustrate how it’s so important by examining a few key processes hackers use to crack a password.

2018 has been the year of the hack. The problem, so was 2017, 2016, and so on… Marriott International has announced that they have had what could be the second largest data leak in history. They are saying that they are responsible for a data breach that leaked some 500 million records over a five-year span.

Artificial intelligence has been making waves in the world of cybersecurity, as machine learning could potentially make the solutions we have today smarter and better at their intended jobs. However, artificial intelligence has also appeared on the other side of cybersecurity, as cybercriminals have begun to leverage A.I. as well.

Each day tens of thousands of people from all over the world are hacked. Not just sent run-of-the-mill phishing emails, but legitimately hacked. This has made the cybersecurity industry grow at a rate only surpassed by the Internet of Things (which ironically may be one of the largest threats to cybersecurity in the world). We thought it would be good to go over some of the largest cybercrimes of the first half of 2018, and some telling statistics that will give you an idea of what exactly you are up against.

The Internet is rife with potential threats. Some are situational, but most are deliberate actions made by malicious entities who are trying to obtain any semblance of value from you or your company. Some of these exploits have been around longer than you’d imagine possible. This has been made evident by huge Internet-based companies such as PayPal and Facebook testing positive for a 19-year-old vulnerability that once allowed hackers to decrypt encrypted data.

If your business were to be struck by a Distributed Denial of Services (DDoS) attack, would it be able to recover in a timely manner? Do you have measures put into place to keep them from hampering your operations? While most organizations claim to have sufficient protection against these dangerous attacks, over half of them have simply proven to be ineffective against DDoS.

Students generally love it when classes are cancelled for whatever reason, but thanks to a cybercriminal group called TheDarkOverlord Solutions, a school in Flathead Valley, Montana was disrupted for an extended period of time. This downtime resulted in a disruption of operations for over 30 schools, as well as the threat to the personal information of countless teachers, students, and administrators due to a ransomware attack.

Dealing with disasters are a part of doing business. You know how difficult it is to recover from a devastating flood or storm. While businesses tend to suffer from these situations, countless individuals suffer every time a natural disaster hits. Just take a look at the United States in recent weeks. Even though you may want to donate to people suffering from hurricanes, there are illegitimate charities out there that want to make a quick buck off of your generosity.

If fiscal reasons have stopped you from securing your network against ransomware thus far, you may want to reconsider your strategy. Not only are attacks still becoming more and more prevalent, but the developers of ransomware have lowered the price of admission for aspiring cyber criminals. Fortunately, there are some steps you can take to keep your business protected against a ransomware attack.

In a bizarre reminder of why security best practices are so critical to the world of IT, it has been reported that one of the largest collections of hacked and stolen login details are currently making the rounds in the Russian black market.