BlueKeep

If you missed it and are still running Windows 7 or older, or Windows Server 2008 R2 or older, you need to ensure you have applied the latest updates from Microsoft.

BlueKeep is a vulnerability that allows for remote code execution on systems that are not patched.  Microsoft has also recently come out and said that they believe the vulnerability is “wormable”, essentially meaning it could propagate across the internet without any interaction. 

This is a major security issue, serious enough that Microsoft released updates for out-of-support systems like Windows XP.

If you are still running Windows Server 2008 and 2008 R2 or Windows 7, you should know that they reach end of support in January of 2020, and you should plan to upgrade or replace those systems. Regardless, if you still have these systems running, ensure they are updated against this threat.

All HubWise managed systems were updated as part of our normal patching policy. 

Email and ACH, A Deadly Combination

Email, the phisherman’s paradise, the hacker’s delight, the criminal’s new hotness can be deadly when combined with crucial and private information.  Ok, so maybe not deadly, but certainly able to cause enough stress to create an ulcer. 

Here at HubWise we’ve seen some interesting things going on with email lately, specifically around bank account and routing numbers, social security numbers, and credit card numbers.

Two years ago, getting your email hacked usually meant someone was using your email account to send out a bunch of spam to either your contacts or, more likely, the world at large. While this was annoying and generally irritated people, the worst that usually happened was that you ended up on a blacklist and couldn’t get your emails delivered for a few days while you cleaned up the problem. This has changed dramatically recently.

We are now seeing that when email accounts get hacked, or more likely, a user provides their username and password in a phishing email, the criminals that access the account don’t do anything for a while. They just watch. They see what emails you send and receive, they start to understand the inner workings of your organization and its org chart, and they monitor your calendar to see what you are doing.

Why? Because when they know who you communicate with and the role that they are in, they can then use your email to get someone else to do something they wouldn’t normally do.

Here are a couple of specific examples. 

The CEO of an organization was in China scouting new locations and manufacturing plants for their business and their international expansion. The whole company knew she would be out of the office and had a pretty good idea of what the trip was about. The CFO, who did not accompany the CEO on the trip, was very aware of it and its purpose. So, when the email from the CEO came in and asked for $250,000 to be transferred to a bank account in China, he didn’t question it. The money was sent immediately. The CFO replied to the email, saying it was done. When the CEO called the next day, the CFO made a passing comment asking about the transaction and the CEO’s response was one of shock. She had not made the request and was surprised to hear it was made.

The Information Security team investigated and found that the CEO’s email credentials had been compromised. The hacker had set up rules in her mailbox to automatically delete all email received from the CFO, so any response he sent would never be seen. The hacker then noted that the CEO was to be in China and sent the email during that time. The money was not recovered.

Another situation involved a 401(k) disbursement request.  An ex-employee of a company had requested his funds be rolled over into his bank account.  He filled out the form, put his bank account information on it and emailed it to his former employer.  The controller forwarded the form to their 401(k) manager, who then forwarded it on to the investment bank. 

The employee called their former employer a few days later and told the controller that the money hadn’t shown up in their bank account.  The controller called their 401(k) manager and was told the money was disbursed a few days after the form had been received.  The manager and the controller ended up comparing the routing and bank account numbers on the form, and they didn’t match. 

After investigating the incident, it appeared that the 401(k) manager’s account had been compromised. The people watching the account saw the email come in, copied it, then deleted it from the manager’s account so it wouldn’t be seen. Five hours later, an email was sent from an email account spoofed to look like the controller had sent it, and it included the exact attachment originally sent, with the bank account and routing number changed. The manager was none the wiser.

Luckily the investment bank was able to reverse the funds from the wrong bank and recover the money before the account was emptied. 

These are just two examples of the many things we are seeing criminals do in the wild. And they are scary. So how do you protect yourself?

First and foremost, if you are sending critical information via email, unless it’s encrypted, stop doing it now.  All HubWise customers are subscribed to HubWise ChainMail which provides email encryption built in.  It also automatically detects social security numbers and credit card numbers and encrypts those, so if you forget to mark the email, it will still be protected. 

HubWise ChainMail Compete combines with HubWise Spark to provide AI monitoring of your email accounts.  If it notices something odd going on with your email, for example sending emails you normally wouldn’t send or sending at odd times, it will flag a ticket and let us know.  It also monitors your inbox rules to ensure they are not being changed. 
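One way to check for the kind of mailbox rule used in the CEO example, as an added example that is not HubWise's or Microsoft's code: it scans exported inbox rules for ones that delete or hide mail from internal senders or finance-related subjects, or that forward mail outside the organization. The record layout is an assumption modeled on Exchange `Get-InboxRule` properties; the `Mailbox` key, the keyword and folder lists, and the sample rules are constructed.

```python
# Added example: flag inbox rules that hide or divert mail, as in the CEO case above.
# Field names are modeled on Exchange Get-InboxRule properties; "Mailbox" is assumed
# to be added by whatever export produced the records.
from dataclasses import dataclass, field

HIDE_FOLDERS = {"deleted items", "junk email", "rss feeds", "conversation history", "archive"}
FINANCE_WORDS = {"invoice", "wire", "payment", "ach", "bank", "transfer"}

@dataclass
class Finding:
    mailbox: str
    rule: str
    reasons: list = field(default_factory=list)

def audit_rules(rules, internal_domain):
    """Return a Finding for each enabled rule that deletes, hides or forwards mail."""
    findings = []
    for r in rules:
        if not r.get("Enabled", True):
            continue  # disabled rules are not acting on mail right now
        reasons = []
        senders = [s.lower() for s in r.get("From") or []]
        internal = [s for s in senders if s.endswith("@" + internal_domain)]
        hides = r.get("DeleteMessage") or (r.get("MoveToFolder") or "").lower() in HIDE_FOLDERS
        if hides and internal:
            reasons.append("hides mail from internal sender(s): " + ", ".join(internal))
        hits = {w.lower() for w in r.get("SubjectContainsWords") or []} & FINANCE_WORDS
        if hides and hits:
            reasons.append("hides mail matching finance keywords: " + ", ".join(sorted(hits)))
        targets = (r.get("ForwardTo") or []) + (r.get("RedirectTo") or [])
        external = [t for t in targets if not t.lower().endswith("@" + internal_domain)]
        if external:
            reasons.append("forwards to external address(es): " + ", ".join(external))
        if reasons:
            findings.append(Finding(r["Mailbox"], r["Name"], reasons))
    return findings

# Constructed sample export (example.com is a placeholder domain).
SAMPLE_RULES = [
    {"Mailbox": "ceo@example.com", "Name": ".", "Enabled": True,
     "From": ["cfo@example.com"], "DeleteMessage": True},
    {"Mailbox": "manager@example.com", "Name": "sync", "Enabled": True,
     "SubjectContainsWords": ["Wire", "401k"], "MoveToFolder": "RSS Feeds",
     "ForwardTo": ["drop@mail.example.net"]},
    {"Mailbox": "sales@example.com", "Name": "Newsletters", "Enabled": True,
     "From": ["news@vendor.example.org"], "MoveToFolder": "Reading"},
    {"Mailbox": "hr@example.com", "Name": "old", "Enabled": False,
     "From": ["cfo@example.com"], "DeleteMessage": True},
]

if __name__ == "__main__":
    for f in audit_rules(SAMPLE_RULES, "example.com"):
        print(f.mailbox, repr(f.rule), "->", "; ".join(f.reasons))
```

Running the same audit on a schedule and comparing against the previous result also surfaces rules that were added or changed since the last run.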

Even with all of this in place, like a warm security blanket on a cold winter’s day, you also need to be vigilant about what you click on.  Compromised email credentials can lead to both of the above examples, and it doesn’t even need to be yours that are compromised to cause problems. 

Sometimes the best security feature may not be technology related: pick up the phone and make sure what you sent was received properly.

Credential Security 

To help you strengthen your credential security, we encourage you to take the following precautions: 

  1. Review access to your technology tools. It is often an afterthought, but as users leave or changes take place in your organization, you may need to adjust permissions accordingly. It is best practice to grant access only to the tools that an individual currently needs. Any employees who have left, or no longer need that access, should not still have access. Diligently revoking unnecessary access helps mitigate the risk of attackers using these inactive accounts to enter your customers’ environments.
  2. Enforce strong password policy. This goes beyond having strong passwords themselves. It also means instituting a frequent change policy and requiring different passwords for different customer sites. The password change policy needs to be enforced throughout your organization and for your entire portfolio of tools.
  3. Two-factor Authentication. Two-factor authentication in software has become a must-do in today’s cyberthreat landscape. If there is a two-factor authentication feature within software you use, ensure that both you and your users are taking advantage of it and do not have it turned off. If the software you are using does not have two-factor authentication capabilities, you can consider leveraging single sign-on tools to strengthen your password security efforts.
  4. Store passwords securely. Complicated passwords have a disadvantage: they are hard to remember. Many users may start storing these passwords in commonly used applications that are unfortunately insecure, such as Notes or Notepad. This makes the information easy for cybercriminals to steal. Provide a password manager that your users can use to securely store their passwords.
  5. Review user roles. Like the first best practice mentioned above, ask your IT provider to work with you to review the roles assigned to employees at their businesses. Part of reviewing roles means looking at permissions associated with different roles. This should be done regularly by someone who understands both the business and the personnel, to ensure each user is not given more permissions than they need to do their job.

Security is of utmost importance at every business, including here at HubWise Technology. We review our security settings diligently for all of our technologies to ensure we are complying with security best practices and don’t put our business or our partners’ businesses at risk.

What happens when you lose your data? 

What does happen when you lose data? The cost of data loss can be measured in the amount of money that is paid out to recover or attempt to recover lost data. What cannot be accurately tracked is the cost of lost opportunity that occurs when company personnel are focused on recovery instead of their actual jobs. In 2014 a survey was conducted, the Disaster Recovery Preparedness Benchmark Survey. This survey tried to define the true cost and effect of losing part or all of your data. What they found was very stark and created a measurable. In the 5 years since this was released, companies have begun to see the demonstrated costs of lost data and initiated comprehensive disaster recovery plans.

The actual cost of lost data can be astronomical for some. 15.8% of respondents spent at least $50,000 to recover their data and 3.8% spent over $1 million. This figure only covers the cost to pay outsourced IT. It does not include internal IT staff or lost revenue. 51% of companies that suffer severe data loss close within 2 years and 70% of small firms go out of business within a year of a large data loss incident. Data loss is more common than most business owners and executives realize. 36.8% of businesses surveyed lost at least one critical business application.

With this valuable information, what can be done to prevent data loss? 14% of data loss can be attributed to weather and 24% to power failure. Some of the power failures also fall under weather-related causes. Unless this becomes a disaster-level weather occurrence, cloud or off-site backups can mitigate any loss. The question becomes what is best for your business: continuous, daily, weekly, or a combination, depending on how critical the data is. There are differing costs associated with the levels of backup, and many of these decisions will be based on this.

What does happen when you lose your data? If you are properly prepared, it takes a simple phone call and recovery can occur almost instantly. If you aren’t, it becomes a mad scramble to see what can be done. The outcome more often than not means catastrophe for your business.

To schedule a visit with HubWise Technology about your backup solutions, call Jason at 402-339-7441 or fill out our contact form.

Flight Simulator – Azure AI

Microsoft showed off an update to a title they haven’t updated since 2006 at this year’s Electronic Entertainment Expo (E3). It was a surprise for sure, but the game itself wasn’t the most interesting part. Microsoft showed off running footage of their new release of Flight Simulator.

While Flight Simulator doesn’t often get a huge shout out from the gaming crowd, I think technologists may have taken more notice this time around.

The areas you can fly from and to are incredibly detailed: buildings rise out of the ground, cities look just like their real-life counterparts, and you can fly over elephants and giraffes in the plains of Africa.

Microsoft stated that the detailed imaging is generated from 2 petabytes of data (2,000 gigabytes). That’s a lot of data, much more than would ever fit on even the highest-end gaming PC, and certainly not on the Xbox that the game is also slated to come out for next year.

Microsoft is utilizing Azure AI in the development of the game. It will be very interesting to follow the development and release of this, because I am expecting that some of that data and some of the images included in the game may even be streaming, in real time, from Azure. The ability for a developer to utilize the cloud to build bigger and more incredible games is eye-opening and exciting. It makes me wonder what’s next.

Instant Messaging

Instant messaging has been around for decades, since around the 1990s. The first concept was the Internet Relay Chat (IRC), which allowed users to connect to networks with client software to chat with groups in real time. As the late 90s hit, there were several big corporations looking for a share in the market: ICQ, AIM, MSN, and Yahoo. This has escalated to being used by 3.6 billion users today.

So why should someone use instant messaging, and why is it beneficial in the workplace? First off, most instant messaging systems come with your current suite of applications, like Microsoft Teams or Skype for Business. This means that you shouldn’t have a big bill to pay to start using IM applications. Secondly, it allows for group communication: smaller, user-picked groups allow projects to be handled better and more efficiently. It is also great for improving other forms of communication. For instance, if you are on a conference call and you need additional information from a co-worker, you can silently message them without leaving the call. Thirdly, it promotes employee engagement. When co-workers have open lines of communication, they are going to be more likely to care about the work they do and the company they work for. It promotes friendlier communication, which can result in more productivity and creativity. Lastly, it allows increased productivity from remote users. Whether you are in the office or elsewhere, you can communicate just as effectively. Home users can communicate without having to dial a phone in the hope that the end user is available or has time for a call. It helps speed up work, as you do not have to wait to send emails that have to get scanned by filters and firewalls.

Finally, the benefits of instant messaging should be a fundamental function of your business and how you operate as the benefits of increased communication easily outweigh the potential costs you may have.

Android Q

Android Q, the latest operating system for Android phones, is right around the corner, coming out in the third quarter of 2019. Here is what to expect in the transition and how the Android experience will change.

The changes most users will notice immediately are cosmetic. Android is moving to a more minimal feel with the removal of the back, home, and app tray buttons that would typically be found at the bottom of the display. This is being replaced with a variety of gesture support surrounding fundamental tasks on the phone. These will include swiping up to get to the app drawer, swiping right to go back a page, etc. The beautiful thing about Android is, if you miss the buttons, there are launcher apps that can be installed which functionally change aspects of your home screen.

The other large cosmetic change is the implementation of a system wide dark mode. This will allow you to set a black theme with an accent color in any operating system specific context menu. In conjunction with this, there is also a rumored theme overhaul. This would likely mean the ability to change fonts and generally create a more personalized, coherent experience.

Q will also be receiving some new accessibility features. The most exciting is Live Caption. This is a feature that can create closed captioning in real time from any kind of media with spoken words. This functionality works in videos, podcasts, games, or music.

Rounding out the major updates are some security changes. Most apps today will ask permission to use certain services on the phone. From there, yes or no can be selected and you can carry on with the app if a critical service was not declined. What is new in Q is the ability to allow and deny, but also to allow only when the app is in use and active. This will mean less battery consumption for apps that may use GPS or scan for Wi-Fi in the background. It is also a great privacy quality of life change.

What’s New in Apple’s iOS 13

With technology changing daily, companies are competing to be the newest and fastest. Apple has been known for always making great-looking products and simple-to-use software. They have always been forced to find the fine line between features and complexity of the devices. As time goes on, it appears Apple is finally playing catch-up, giving us the features Android has had for many years. With iOS 13 Apple will be releasing many features (some unique) that should make everyday life a lot easier. Apple is finally adding dark mode to their devices. This has been a long-awaited feature that Android has done for so long, and I am happy to finally see Apple following suit.

There are some newer features Apple has to offer. First off, it will have the option to silence unknown callers. This option will let you send all unknown callers straight to voicemail automatically, saving you time wasted on spam callers. Next is optimized battery charging. This option is to improve battery performance. Once the setting is enabled, your iPhone learns your charging habits and can wait to charge your phone completely until you need it. For example, if you wake up at 7 AM every day, your phone will charge to about 80% up until 6 AM and will charge the remaining 20% so it’s at 100 just as you wake up.

Next, they have low data mode. This is very important as carrier companies keep raising prices per GB and pushing us onto even pricier unlimited plans. Lastly, the location settings. With iOS 13 you will have the option to go to each individual app and change the location services and set it to ask every time you open each app.