Support

Talk to a Tech:

You Have Been Hacked

 

10/1/15

There is a very good chance that you have personally been hacked, I know I have.  In 2014, I learned my Debit Card had been compromised when I tried to buy a $1 soda at McDonalds.  I swiped my card and it was declined.  As it turned out, I had to visit my credit union and go through a list of charges and identify which were actually mine.  It turned out that I had been hacked shortly after shopping in two big box stores.  I was embarrassed about the card being declined so I did what any “red-blooded American” would do; I stopped shopping at those stores for quite a while. I wonder how many of the people hacked like me did the same….

 

The list of companies, cities, and even countries that have been ‘hacked’ is growing rapidly each year and the impact is troubling. Forbes reported in January of 2015, that Target reported 40 million debit and credit card numbers had been stolen during the holiday shopping time last year (2014). Other notable names hacked in 2014 were Neiman Marcus - as many as $1.1 million card holders were affected, White Lodging - 168 hotels/21 states were breached, Michaels - 2.6 million cards potentially exposed, 11 Casinos - data breach from December 2013 to April 2014. The list goes on to include Sony, Dairy Queen, Jimmy John’s, JP Morgan Chase, UPS and even New York.

http://www.forbes.com/sites/moneybuilder/2015/01/13/the-big-data-breaches-of-2014/

Service Providers have been affected too. A week ago, T-Mobile was hacked through its Credit Reporting vendor, Experian. The mobile carrier acknowledged that as many as 15 million clients have been compromised.

http://abcnews.go.com/Technology/experian-hack-exposes-mobile-customers/story?id=34200279

If you are not familiar with the Verizon 2015 Data Breach Investigations Report, you should probably take a look at it. There, you will find statistics for hacks by industry as well as some good tips to consider to protect your organization’s security. Breaches come from every imaginable direction; employee error, email, espionage, BYOD (bring your own device), even employee mal-intent/theft.

http://www.verizonenterprise.com/DBIR/2014/?utm_source=earlyaccess&utm_medium=redirect&utm_campaign=DBIR

So let’s talk money. IBM and Ponemon Institute examined costs incurred by 62 US Companies in 16 industry sectors and published the 2015 Cost of Data Breach Study. In doing so, they show us that the average total cost of a data breach was $6.5 million for organizations last year. This year’s study sites an 11% increase in total cost of a data breach over 2013 and an average cost per lost or stolen record of $217. Of the $217 per compromised record, $143 is attributed to indirect costs. Indirect costs can include loss of brand value, abnormal turnover/churn of customers, diminished customer acquisition rates, in-house investigations and communications - all as results of a data breach.

https://www-01.ibm.com/marketing/iwm/iwm/web/signup.do?source=ibm-WW_Security_Services&S_PKG=ov34983&S_TACT=C40402FW

Ok, so who is hacking? Well, it isn’t just the nerdy 13-year-old genius down the street these days. In fact, there are organizations of hackers allover the globe. Names you may have heard are: Anonymous, Wikileaks, Syrian Electronics Army (SEA) or Chaos Computer Club (CCC). It has also been alleged that North Korea and China are actively hacking businesses and countries alike. The intentions are speculated to be theft of currency, business trade secrets, to obtain military plans and sometimes just to be malicious.

As if the Verizon and IBM data wasn’t strong enough to get your attention, The Department of Homeland Security has named October as National Cyber Security Month. This is serious business, so please take some time to familiarize yourself with their website and save it as a favorite. It is an excellent resource for work or family.

http://www.dhs.gov/national-cyber-security-awareness-month

By now you get the picture, the Cyber Landscape is really dynamic but also really volatile. Is your organization prepared? If your organization is hacked, will you suffer the dreaded customer churn?

NetSource One prides itself on customizing a Security Solution for clients of any size. We are experts in our field, highly certified, SOC 2 compliant and have been the recipient of numerous awards. If you suspect your organization has been hacked, it may already be too late. Take control and contact us today.

 

Security News

Locky Email Virus Spreading Like Wildfire

Stop Threats Before They Hit the Network

As some of you may know there is a devastating email virus spreading like wildfire. The Malware is called “Locky”. It is disguising itself as an email attachment and has been using various file types (Word Doc, Excel, ZIP, PDF and etc.). Once you open the attachment Locky Malware can encrypt 164 different file types. Locky encrypts files on all fixed drives, removable drives and also on RAM disk drives. The hackers are after your money, they are trying to get users to pay them to remove the virus, do not follow payment instructions or give your personal information!!!

How to reduce risk of being infected:

  • Use an advanced email firewall service such as Barracuda
  • As always, don’t open suspicious attachments (e.g. .doc, .xls, and .zip files)
  • Keep recent backup copies of important data in a secure place either online or offline
  • Ensure that your system and applications are fully updated and patched
  • Disable Microsoft Office macros by default and never enable macros in strange/unknown attachments that you receive via email

We have been seeing a large increase of the message types on our Barracuda Anti-Spam filter over the last 72 hours. Our Barracuda Anti-Spam filter is currently catching the emails and attachments for all of our Anti-Spam customers, but everyone is still at risk until the threat is fully detectable. For those who are unaware the Barracuda Email Security Gateway is integrated with a cloud-based service that pre-filters email before delivery to the onsite Barracuda Email Security Gateway. The Cloud Protection Layer is continuously updated with definitions in real time from Barracuda Central. In addition, Barracuda’s global cloud infrastructure provides the flexibility to handle email surges during specific periods of the day and during Denial of Service attacks. For our clients who do not use Barracuda or other spam firewall please contact us with any questions or concerns.

Learn More