Pokemon Go Brings New IT Threats to Company Networks

Gaming isn’t exactly a recommended office activity for most businesses, though how people spend their private time is generally their business. But because of the new Pokemon Go craze there’s a huge new rash of potential security risks to watch out for in your office, and you’d better get up to speed fast. Pokemon Go has quickly become the most popular downloaded game in North American history. Just as quickly, it’s attracted organized cybercrime, and with it an unprecedented onslaught of new phishing hazards. It’s not just the range of new traps that is surprising, but also the speed at which they are coming on stream. These are the same criminal networks that have almost tripled phishing attacks on corporate employees this year. They're using adaptations and variations of many of those same successful tactics and tools on Pokemon Go players. So far it's been a smorgasbord for them.

If your company or organization has employees who play Pokemon Go and connect to your network with private mobile devices or VPN, your data security may soon be at risk.

Some quick stats about Pokemon Go you should know

Consider that Pokemon Go...

Is Email Phishing Unstoppable? Just don’t rely too much on your office antivirus software.

Photo credit: Stephen Coles; https://www.flickr.com/photos/stewf/

Your antivirus software might be good at stopping viruses, but it’s becoming more irrelevant every day at protecting your data and devices. Some experts are pointing to a recent warning from the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (CERT) about Symantec and Norton Security products containing dangerous vulnerabilities. This doesn’t mean they’re completely useless or that they don’t perform an important function. There’s a more important reason not to blindly trust your antivirus software to keep your data safe.

People tend to rely on them too much, which creates a false sense of security.

Evolving Threat Tactics

Just a few short years ago, antivirus software protected against 80 to 90 percent of online threats. Today, it’s more like 10 to 20 percent because of constantly evolving threat tactics. While some company executives feel smugly confident about their level of antivirus security, cyber criminals are getting in through the company’s weakest links—the users. An alarming trend is the aggressive growth of phishing techniques used by attackers in 2016. Hackers are spending less effort...

The 18 Highest Paying IT Industry Certifications in 2016 – Canadian Edition

Introduction: Canadian IT Industry Facts

Before we get to the IT certifications and salary ranges, we want to highlight the growing demand for more professionals in this industry. There is a real and pressing shortage of IT professionals in Canada, and the world (we reported on the world-wide shortage of IT professionals here earlier this year). Salaries in this industry are very generous, and rising faster than in almost every other industry. According to Robert Half Technology, IT salaries in Canada are rising at an average of 5.1% annually. Accordingly, job qualifications are also increasing, creating more demand for certification programs and higher skilled professionals. If there was ever any doubt about the importance of the IT Industry in Canada today, the facts show just how important it really is. There were about 811,000 information communication and technology professionals employed in Canada at the end of 2015, according to the IT Labour Market Outlook 2015-2019 produced by the Information Communication Technology Council (ICTC). While these numbers seem high, the ICTC also calculates that Canada will require an additional 182,000 qualified IT professionals by 2019—to fill positions for information systems analysts...

How to Find Out if an Account Has Been Hacked

The recent disclosure that Mark Zuckerberg’s own Facebook account password was hacked this week should set alarm bells off for anyone who’s ever created an online account. You have to wonder, if the Facebook founder’s email and password accounts aren’t safe, then what is? In case you haven’t heard, last weekend Mark Zuckerberg’s Twitter and Pinterest accounts were briefly hacked by a group calling itself OurMine. They demonstrated it by announcing his lame password on his Facebook timeline. No, Facebook wasn’t hacked. Zuckerberg’s email and passwords were part of a LinkedIn database that was actually hacked back in 2012 (along with up to 167 million others), and just posted online in May this year. Since then, hackers have been having a heyday with them. So if Zuckerberg’s LinkedIn account was hacked, why did it affect his Facebook and Pinterest accounts? It’s because he used the same lame password for all of those accounts. And he never changed it after LinkedIn announced they were hacked. ...Since 2012. Apparently Zuckerberg is guilty of password laziness - using the same lame passwords on multiple accounts. He’s not alone. Along with millions of others who are getting...

Top 10 IT Support Requests. There are no dumb questions when users are stuck.

They say there are two kinds of companies in the world: those that provide IT Support, and those that waste time and money. OK, that might not be true for everyone, but there is truth in it. What we’ve learned is that companies that do provide IT Support have made a strategic decision to invest in productivity, and in their people. Are there ever dumb questions? Certainly, but only from our experience. Do users put off calling support because they think it’s a dumb question? Of course, some do and some don’t. What else we’ve learned is that if you’re stuck after making a reasonable attempt to solve an issue, it’s dumb not to call for help. Spending time to solve a technical problem that eludes you only wastes your time and your employer’s money. Especially when they invest in the support system to keep you productive. Now that doesn’t mean you should always call for help for simple fixes to the most common issues. If your company is providing the right tools, your users should be able to easily solve most common problems themselves, without calling the...

Microsoft Finally Bans Easy-Stupid Passwords

If you see the above “Reset your password” line when logging into your Microsoft account, and it tells you to “Choose a password that’s harder for people to guess”, it’s because Microsoft won’t let you use your dumbass password any more. Earlier this week Microsoft turned on a new feature that dynamically updates a list of bad passwords, and will block users from trying to use them. From now on, you can forget about all those stupid passwords so many people stubbornly stick to, like 123456, password, 12345678, qwerty, 12345, 123456789, football, 1234567, dragon, and baseball. These are the top 10 most common passwords used by people, as gleaned in part from 117 million LinkedIn accounts that were originally hacked in 2012 and leaked last week, and from the password attempts hackers use on various Microsoft accounts. Alex Weinert from Microsoft's Identity Protection Team says that Microsoft has been collecting all the password guesses used by hackers from the 10 million daily hacking attempts they see. "We analyse the passwords that are being used most commonly. Bad guys use this data to inform their attacks," he explains. "What *we* do with the data is prevent you from having a password...

DDoS Attacks: What to Expect & How to Mitigate

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.

We’re talking about DDoS attacks today because they are so common now that most organizations in North America have experienced some form of DDoS attack in the last 12 months. In fact, one third of all downtime incidents are attributed to DDoS attacks, according to the worldwide Digital Attack Map (operated by Google Ideas and Arbor Networks).

The New Botnet Armies

Cyber attackers spend a lot of effort to build armies of botnets - networks of infected computers - by distributing malicious software via websites, social media, emails, attachments and other devious ploys (see Phishing in the Office Pool, some staggering facts on phishing, your employees and corporate risk). Once infected, these botnet computers can be controlled remotely without their owners' knowledge, and used like an army to launch attacks against any targets. Some botnets are millions of computers strong.

Launching Attacks

Botnets generate massive floods of traffic to overwhelm a target. Some floods are more connection requests than the server can handle, while others send huge...

Phishing in the Office Pool. Some staggering facts on phishing, your employees, and corporate risk

The term “PHISHING” covers a broad area. It’s arguably the most sinister form of cyber-attack, and it’s certainly the most common. And if you didn’t already know, it’s also considered a major attack vector for entry into corporate and other network systems. The United States Computer Emergency Readiness Team (US-CERT) defines phishing as a form of social engineering to solicit personal or corporate information by posing as a legitimate organization or known individual. In other words, they’re looking for suckers to fall for some kind of scam. While most phishing attempts target “people” in general, whether at work or at home, it’s their compromised passwords, computers and cell phones that become a risk to the organizations they work for, as well as others. Phishing is deviously sneaky. The most common phishing attempts are made through email, phone calls, texts, postal mail, social media, document attachments, websites and other means. The bait is usually designed to trick people into responding to an action. The types that are easiest to spot and avoid promise us miraculous results, call out to us for hot times on lonely nights, appeal to our vanity,...

DDoS Attack Ransom Notes a Growing Menace for Businesses of All Sizes

Reports of DDoS attacks—preceded by ransom notes—are surging, according to surveys conducted by IBM Security and Digital Shadows. This is alarming because, while a DDoS attack won’t destroy your data, it will still disrupt your business and result in significant expenses.

“It’s Extortion 2.0,” says Netcotech CEO Gideon Gideon. “These criminals are using black art cyber tools to extort money from innocent organizations, and they’re doing it anonymously and from a distance.” Once the scourge of governments and large multinationals, more and more small and medium-sized businesses across all sectors are seeing increases in these and other types of cyber attacks.

A few years ago, most DDoS attacks were either politically or protest motivated, dirty tricks from competitors, weapons of war by governments, or used to cloak other hacking attempts. Cyber criminals have since learned that many smaller organizations will pay a fee of a few thousand dollars to avoid becoming victimized. Since it’s relatively easy to stage an attack, all they need to do is send out batches of ransom notes to pre-selected targets. After that the process is mostly automated. The number...

Is Your Business Network a Hardened Vault or a Cardboard Door?

Whether a desktop, laptop or mobile device, almost every computer we use is connected to some type of network. More than simply internet access and email, our corporate networks let us work more efficiently, be more productive and save money doing it. They are integral components for functions like purchasing, selling, collaboration and customer service. The advancement of modern networking technology means we have greater access to more data than ever before. And we’re continuously adding more business applications and databases year after year. This increases the complexity of our operations and our access to them.

Unfortunately, this advancement and complexity are also adding to our security concerns due to the growing number of increasingly sophisticated cyberattacks on small and medium-sized organizations. It’s no longer just data hijacking or DDoS attacks that are growing; the nastiest growing threats for businesses today are hardware-centric cyberattacks, ransomware, zombie botnets and identity theft. Still, we seldom think of our physical networks unless they’re broken. We simply rely on them to work. In reality, the security...

Cyber Security Industry Shifting to Crisis Mode as Jobs Go Unfilled

The dramatic rise in cybercrime is affecting governments, companies, NPOs and industry organizations of all sizes around the globe, but that’s just the beginning. The trend lines started from 2007 to 2013, when cyber security job postings started growing at double the growth rate of all IT jobs. The labour pool has never caught up. Today, there are over 200,000 unfilled cyber security jobs in the U.S. alone. Cisco estimates that globally there are over one million cyber security job vacancies today. Michael Brown, Symantec’s CEO, expects demand to rise to 6 million positions by 2019, with a shortfall of 1.5 million. What does that mean? So far in 2016, the Enterprise Strategy Group says “46% of organizations now claim that they have a problematic shortage of cybersecurity skills representing an 18% year-over-year increase.” It means that cyber security teams are understaffed in many places, making it difficult to properly protect their organization’s networks. This news comes at a bad time. 2015 is already identified as being the worst year ever for cyber crime, with nearly 1,000 major data breaches and countless others.

In Canada, PwC says “Cybersecurity incidents...

Who Thinks These Weak Passwords Are Funny? The Joke is On Us.

We all know that password security is important—especially in an office. But our users’ personal account passwords aren’t always top-of-mind when we think of office network and data security. They ought to be, because every user survey I’ve ever seen scares the crap out of me. It should scare you too. Security experts have been warning us for more than 20 years that the most common passwords people use online provide ZERO to NO barriers to intrusion by hackers. We collectively smirk and grin, and probably wonder at who these silly people are who think they’re securing their online accounts with such ridiculously simple passwords. “Stoopid people”, right? Well, the joke’s on everyone who manages an office with users who access an office network at work or from home. Let me explain, but first, you have to look closely here at SplashData’s January 2016 Annual List of the 25 Most Common Hacked Passwords… Yes, it looks just like the same list of the most common passwords we saw three years ago, and three years before that. Why aren't people "getting it"?

Rank   Password   Change from 2013
1   123456   No...

NEW JOINT US/CANADA RANSOMWARE ALERT ISSUED

US & Canada issue joint ransomware alert, discourage paying ransom to cyber attackers

The Canadian Cyber Incident Response Centre and the US Department of Homeland Security issued a joint ransomware cyber alert this week in response to the recent surge in attacks. Both government agencies strongly recommend that organizations and individuals NOT PAY the ransom demanded by cyber attackers. The new emerging variants are targeting healthcare in particular, and other organizations, with attack strategies that are extremely ruthless and difficult to respond to. The warning was prompted by recent attacks at Hollywood Presbyterian in Los Angeles, Methodist Hospital in Kentucky, and MedStar, the biggest Washington, D.C.-area healthcare provider, among many others. In a profound understatement, the alert advised that “ransomware's consequences to an individual or institution could include a loss of sensitive data, a disruption of business operations and expenses to restore a system into working order”.

In case you’ve never heard the term before, ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid, usually with Bitcoins, an untraceable online currency.

Suggested Cyber Safety Tips

In the meantime, please read the following tips to...

The Real Reasons Why Managed IT Services Are Growing So Fast

What You Really Want to Know

The managed IT services industry is expected to grow at an astounding rate of 12.5% annually through to 2019, to a value of $193 billion worldwide. Which is pretty significant when in 2012, the industry was predicted to reach about $45 billion by 2016. Managed services are described as skilled outsourcing functions that transfer some or all in-house functionalities to be managed by a third-party managed service provider. The outsourced services are typically provided for a single monthly payment on a subscription basis. JDL Technologies published a survey of IT executives in January 2016 that provides some insights into the use of managed services and managed service providers. The most astounding facts for me were the following about cost savings. The average cost benefits reported by surveyed companies who switch to managed services range from:

Average Annual Savings = 30%-40%, and
Average IT Efficiency Increase = 50%-60%

The same was found for companies adding managed services to existing in-house IT capabilities, according to “Managed Services Market” by Managed Data Center. You would think that the cost savings would be the main reason companies decide to sign...

SQL Server on Linux… An Edsel in the Making or a Brilliant Move by Microsoft?

SQL Server on Linux Announced by Microsoft

First of all, yes. It’s true. This week Microsoft announced that it is in the process of porting SQL Server over to Linux, and it will be available sometime mid-2017. For many in the IT and software communities, this is akin to GM building engines for Ford pickup trucks. While Linux has always been a popular open source operating system for those wanting free software and no licensing limitations, Microsoft has in the past considered Linux as a cancer progressively eating into its market share, and only popular with rebels and anti-establishment types. The reality is that Linux became mainstream long ago. Today, a small majority of web servers are running on Linux, and Android (a Linux flavour) rules the smartphone, tablet and game console markets. Fortune magazine is calling this “blockbuster stuff”, and no wonder. ZDNet’s columnist Steven J. Vaughan-Nichols writes that “Microsoft’s fortunes are no longer based on Windows”. Instead, Microsoft's new cash cows are Azure and server applications. In particular, "Microsoft Azure is growing rapidly and is reported in the same group as traditional server products (SQL Server is up, Windows Server is down). Collectively, that pair is at the top of the list."...

25 Signs You May Need a Managed IT Services Partner

…even if you already have an in-house IT department

IT management is not always “top-of-mind” for most executive teams. That’s probably best for most companies—it could mean everything is running as smoothly as a well-oiled machine and there are no issues or emergencies screaming for your attention. Increasingly for many companies today, the reality is often different. In the last six months I’ve heard the words “chaotic”, “lacking”, “falling behind” and “embarrassingly outdated” to describe existing network infrastructures from new clients. These companies’ data systems were clearly at risk. Obviously, the best time to review your IT needs is long before you hear these words. But how do you know you’re a good candidate for Managed IT Services? We thought it would be helpful to give you some clues here that you may need a managed IT services partner. Or maybe a better IT services partner. If you’ve ever heard any of the following comments in your organization, it’s time for a review.

Here they are: our top 25 clues you may need a managed services partner

Listen for any of these or similar comments… The exchange...

Cyber Attack Stats Reveal What Typical Target Companies Look Like

Surprise—it’s not the big companies we usually read about…

We’ve all seen the headlines about a national retailer or government organization getting hacked into, where either millions of client credit cards were stolen or huge databases of personal information were accessed and downloaded. These are the headline grabbers, and they happen almost weekly today. Where it does happen, it often causes unimaginable grief, money and/or inconvenience for clients and customers; and panic, great expense and reputation loss for the target companies.

This week we show you some surprising facts uncovered by the Ponemon Institute in a benchmark study sponsored by IBM. What’s notable is that most hacking attacks are NOT on the high-profile and billion-dollar companies. By far, the most common targets are small to medium-sized businesses where the average “take” is $15,000. These are typically easier targets to crack and make up a hacker’s bread-and-butter revenue streams. Hacking cost the global economy an estimated $445 billion last year. That’s serious money at stake, and a serious incentive for criminal organizations to continue increasing their operations.

Time and Effort Facts about Targeted Attacks

70 HOURS...

9 Truly Practical [Year-Round] IT Budget Tips for Making Your Work Life Easier

“There’s got to be an easier way” may be a worn-out cliché, but it’s seldom heard more often than in an IT department at budgeting time. Some people might enjoy it, but for most, the annual department budget is a real chore—yet so necessary. Believe me when I say that for IT departments, the annual budget can be a double-chore. It’s not just that Information Technology is more technical, with its evolving systems, hardware and software to account for. It’s the nature of our industry that unexpected “surprises” and events require frequent revisions, reviews and emergency upgrades during our budget periods. Plus we have no control over how often our system vendors provide software and driver updates, vulnerability patches, and bug-fixes that are becoming more frequent as the hacking world gets more dangerous and complex.

So here they are, our 9 Truly Practical [Year-Round] IT Budget Tips that will make your work life easier... (Editor’s note: Our thanks to Tech Pro Research, who originally published much of our inspiration here in their annual CIO’s Guide)

The annual IT Budget may be a once-a-year exercise, but our tips here are easy things...