• 888 238 7732
  • This email address is being protected from spambots. You need JavaScript enabled to view it.

Blog

Netcotech Blog

A Short History of Cybersecurity

cybersecurity_157468959_400

The way a business handles its network security typically defines what kind of problems come from their use of information systems. As a result, cybersecurity has become a major part of any forward-thinking organization’s IT strategy and has become a multi-hundred-billion dollar a year industry. Of course, it wasn’t always such a huge problem. The history of cybersecurity doesn’t go back very far, but since it has such a major impact, we thought it would be interesting to go back a couple decades and look at the brief history of the practice.

Continue reading
  715 Hits

These Companies Provide A Benchmark For Password Strength

password_security_400

We are never shy about insisting that certain standards are met when devising passwords, but many major companies are seemingly far less worried about password security than we are. A recent study conducted by the password manager developer Dashlane paints a troubling picture of the state of password security, providing anecdotal evidence in the form of some very well-known and trusted companies scoring at the low end of the password security spectrum.

Continue reading
  1113 Hits

Tip of the Week: It’s Possible to Change Your Windows Password Without Knowing Your Password, Here’s How

how_to_change_your_windows_password_400
In a recent survey, it was discovered that the average computer user has a whopping 27 online passwords to remember. Unsurprisingly, the same survey f...
Continue reading
  1243 Hits

Ransomware Use Increased By 752% in 2016. Trend Continues in 2017

your_company_vs_ransomware_400
​Looking back over the events of 2016, one thing was made very clear by cybercriminals: ransomware is a rising star in their arsenal. In order to cont...
Continue reading
  1212 Hits

Pokemon Go Brings New IT Threats to Company Networks

Pokemon Go Brings New IT Threats to Company Networks
Pokemon Go Brings New IT Threats to Company Networks Gaming isn’t exactly a recommend office activity for most businesses, how people spend their private time is generally their business. But because of the new Pokemon Go craze there’s a huge new rash of potential security risks to watch out for in your office, and you better get up to speed fast. Pokemon Go has quickly become the most popular downloaded game in North American history. Just as quickly, it’s attracted organized cybercrime, and with it an unprecedented onslaught of new phishing hazards. It’s not just the range of new traps that is surprising, but also speed in which they are coming on stream. These are the same criminal networks that have almost tripled phishing attacks on corporate employees this year . They're using adaptations and variations of many of those same successful tactics and tools on Pokemon Go players. So far it's been a smorgasbord for them.   If your company or organization has employees who play Pokemon Go who connect to your network with private mobile devices or VPN, your data security may soon be at risk.   Some quick stats about Pokemon Go you should know Consider that...

Continue reading
  2432 Hits

Is Email Phishing Unstoppable? Just don’t rely too much on your office antivirus software.

Is Email Phishing Unstoppable? Just don’t rely too much on your office antivirus software.
Photocredit: Stephen Coles; https://www.flickr.com/photos/stewf/ Is Email Phishing Unstoppable? Just don’t rely too much on your office antivirus software. Your antivirus software ~might~ be good at stopping viruses, but they’re becoming more irrelevant every day at protecting your data and devices. Some experts are pointing to a recent warning by the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (CERT), where they issued a warning about global security product Symantec and Norton Security products containing dangerous vulnerabilities . This doesn’t mean they’re completely useless and they don’t perform an important function. There’s a more important reason to not blindly trust your antivirus software to keep your data safe.   People tend to rely too much on them, giving them a false sense of security.   Evolving Threat Tactics Just a few short years ago, antivirus software protected against 80 to 90 percent of online threats. Today, it’s more like 10 to 20 percent because of constantly evolving threat tactics. While some company executives feel smugly confident about their level of antivirus security, cyber criminals are getting in through the company’s weakest links—the users.  An alarming trend is the aggressive growth of phishing techniques used by attackers in 2016. Hackers are spending...

Continue reading
  3964 Hits

How to Find Out if an Account Has Been Hacked

How to Find Out if an Account Has Been Hacked
How to Find Out if an Account Has Been Hacked The recent disclosure that Mark Zuckerberg’s own Facebook account password was hacked this week should set alarm bells off for anyone who’s ever created an online account. You have to wonder, if the Facebook founder’s email and password accounts aren’t safe, then what is? In case you haven’t heard, last weekend Mark Zuckerberg’s Twitter and Pinterest accounts were briefly hacked by a group calling itself OurMine. They demonstrated by announcing his lame password on his Facebook timeline. No, Facebook wasn’t hacked. Zuckerberg’s email and passwords were part of a LinkedIn database that was actually hacked back in 2012, ( along with up to 167 million others ), and just posted online in May this year. Since then, hackers have been having a heyday with them. So if Zuckerberg’s LinkedIn account was hacked, why did it affect his Facebook and Pinterest account? It’s because he used the same lame password for all of those accounts. And he never changed it after LinkedIn announced they were hacked. ...Since 2012. Apparently Zuckerberg is guilty of password laziness - using the same lame passwords on multiple accounts. He’s not alone. Along with millions of...

Continue reading
  1824 Hits

Microsoft Finally Bans Easy-Stupid Passwords

Microsoft Finally Bans Easy-Stupid Passwords
Microsoft Finally Bans Easy-Stupid Passwords If you see the above Reset your password line when logging into your Microsoft account--and it tells you to “Choose a password that’s harder for people to guess”--it’s because Microsoft won’t let you use your dumbass password any more. Earlier this week Microsoft turned on a new feature that dynamically updates a list of bad passwords, and will block users from trying to use them. From now on, you can forget about all those stupid passwords so many people stubbornly stick to, like 123456, password, 12345678, qwerty, 12345, 123456789, football, 1234567, dragon, and baseball. These are the top 10 most common passwords used by people, as gleaned in part by 117 million LinkedIn accounts that were originally hacked in 2012 and leaked last week, and by the password attempts hackers use on various Microsoft accounts. Alex Weinert from Microsoft's Identity Protection Team says that Microsoft has been collecting all the password guesses used by hackers from the 10 million daily hacking attempts they see. "We analyse the passwords that are being used most commonly. Bad guys use this data to inform their attacks,"  he explains . "What *we* do with the data is prevent you from...
Continue reading
  1997 Hits

DDoS Attacks: What to Expect & How to Mitigate

DDoS Attacks: What to Expect & How to Mitigate
DDoS Attacks: What to Expect & How to Mitigate   A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.   We’re talking about DDoS attacks today because they are so common now that most organizations in North America have experienced some form of DDoS attack in the last 12 months. In fact, one third of all downtime incidents are attributed to DDoS attacks, according to the worldwide Digital Attack Map (operated by Google Ideas and Arbor Networks). The New Botnet Armies Cyber attackers spend a lot of effort to build armies of botnets -  networks of infected computers -  by distributing malicious software via websites, social media, emails, attachments and other devious ploys (see Phishing in the Office Pool, some staggering facts on phishing, your employees and corporate risk ). Once infected, these botnet computers can be controlled remotely without their owners' knowledge, and used like an army to launch attacks against any targets. Some botnets are millions of computers strong. Launching Attacks Botnets generate massive floods of traffic to overwhelm a target. Some floods are more connection requests than the server can handle, while others...

Continue reading
  1754 Hits

Phishing in the Office Pool. Some staggering facts on phishing, your employees, and corporate risk

Phishing in the Office Pool. Some staggering facts on phishing, your employees, and corporate risk
Phishing in the Office Pool Some staggering facts on phishing, your employees, and corporate risk The term “PHISHING” covers a broad area. It’s arguably the most sinister form of cyber-attack, and it’s certainly the most common. And if you didn’t already know, it’s also considered as a major attack vector for entry into corporate and other network systems. The United States Computer Emergency Readiness Team (US-CERT)  defines phishing  as a form of social engineering to solicit personal or corporate information by posing as a legitimate organization or known individual. In other words, they’re looking for suckers to fall for some kind of scam. While most phishing attempts target “people” in general, whether at work or at home, it’s their compromised passwords, computers and cell phones that become a risk to the organizations they work for, as well as others. Phishing is deviously sneaky . The most common Phishing attempts are made through email, phone calls, texts, postal mail, social media, document attachments, websites and other means. The bait is usually designed to trick people into responding to an action. The easiest to spot and avoid types promise us miraculous results, call out to us for hot times on lonely nights,...

Continue reading
  2234 Hits

DDoS Attack Ransom Notes a Growing Menace for Businesses of All Sizes

DDoS Attack Ransom Notes a Growing Menace for Businesses of All Sizes
DDoS Attack Ransom Notes a Growing Menace for Businesses of All Sizes Reports of DDoS attacks—preceded by ransom notes—are surging, according to surveys conducted by IBM Security and Digital Shadows. This is alarming because, while a DDoS attack won’t destroy your data, it will still disrupt your business and result in significant expenses.     “It’s Extortion 2.0”, says Netcotech CEO Gideon Gideon, “These criminals are using black art cyber tools to extort money from innocent organizations, and they’re doing it anonymously and from a distance.” Once the scourge of governments and large multinationals, more and more small and medium sized businesses across all sectors are seeing increases in these and other types of cyber attacks.     A few years ago, most DDoS attacks were either politically or protest motivated, dirty tricks from competitors, weapons of war by governments, or used to cloak other hacking attempts. Cyber criminals have since learned that many smaller organizations will pay a fee of a few thousand dollars to avoid becoming victimized. Since it’s relatively easy to stage an attack, all they need to do is send out batches of Ransom Notes to pre-selected targets. After that the process is mostly automated. The...

Continue reading
  2228 Hits

Is Your Business Network a Hardened Vault or a Cardboard Door?

Is Your Business Network a Hardened Vault or a Cardboard Door?
I s Your Business Network a Hardened Vault or a Cardboard Door?           Whether a desktop, laptop or mobile device, almost every computer we use is connected to some type of network. More than simply internet access and email, our corporate networks let us work more efficiently, be more productive and save money doing it. They are integral components for functions like purchasing, selling, collaboration and customer service. The advancement of modern networking technology means we have greater access to more data available than ever before. And we’re continuously adding more business applications and databases year after year. This increases the complexity of our operations and our access to them.  “The nastiest growing threats for businesses today are hardware-centric cyberattacks, ransomware, zombie botnets and identity theft.” Unfortunately, this advancement and complexity is also adding to our security concerns due to the growing number of increasingly sophisticated cyberattacks on small and medium sized organizations . It’s no longer just data hijacking or DDS attacks that are growing, the nastiest growing threats for businesses today are hardware-centric cyberattacks , ransomware , zombie botnets and identity theft. Still, we seldom think of our physical networks unless they’re broken. We simply rely on...
Continue reading
  1932 Hits

Cyber Security Industry Shifting to Crisis Mode as Jobs Go Unfilled

Cyber Security Industry Shifting to Crisis Mode as Jobs Go Unfilled
Cyber Security Industry Shifting to Crisis Mode as Jobs Go Unfilled   The dramatic rise in cybercrime is affecting governments, companies, NPO and industry organizations of all sizes around the globe, but that’s just the beginning. The trend lines started in 2007 to 2013 when Cyber security job postings started growing at double the growth rate of all IT jobs. The labour pool has never caught up. Today, there are over 200,000 unfilled cyber security jobs in the U.S. alone. Cisco estimates that globally there are over one million cyber security job vacancies today. Michael Brown, Symantec’s CEO, expects demand to rise to 6 million positions by 2019, with a shortfall of 1.5 million. What does that mean? So far in 2016, the Enterprise Strategy Group says “ 46% of organizations now claim that they have a problematic shortage of cybersecurity skills representing an 18% year-over-year increase .” It means that cyber security teams are understaffed in many places, making it difficult to properly protect their organization’s networks. This news comes at a bad time. 2015 is already identified as the being the worse year ever for cyber crime, with nearly 1,000 major data breaches and countless others.   In Canada,...
Continue reading
  1892 Hits

Who Thinks These Weak Passwords Are Funny? The Joke is On Us.

Who Thinks These Weak Passwords Are Funny? The Joke is On Us.
Who Thinks These Weak Passwords are Funny? The Joke is on us.      We all know that password security is important—especially in an office. But our user's personal account passwords aren’t always top-of-mind when we think of office network and data security. It ought to be, because every user survey I’ve ever seen scares the crap out of me. It should scare you too. Security experts have been warning us for more than 20 years that the most common passwords people use online provide ZERO to NO barriers to intrusion by hackers. We collectively smirk and grin, and probably wonder at who these silly people are who think they’re securing their online accounts with such ridiculously simple passwords. “Stoopid people”, right? Well, the joke’s on us for everyone who manages an office with users who access an office network at work or from home. Let me explain, but first, you have to look closely here at SplashData ’s January 2016 Annual List of the 25 Most Common Hacked Passwords … Yes, it looks just like the same list of the most common passwords we saw three years ago, and three years before that. Why aren't people "getting it"? Rank   Password   Change from 2013 1...

Continue reading
  5284 Hits

NEW JOINT US/CANADA RANSOMWARE ALERT ISSUED

NEW JOINT US/CANADA RANSOMWARE ALERT ISSUED
New Ransomware Alert Issued US & Canada issue joint ransomware alert, discourage paying ransomware to cyber attackers The Canadian Cyber Incident Response Centre and the US Department of Homeland Security issued a joint ransomware cyber alert this week in response to the recent surge in attacks. Both government agencies strongly recommend that organizations and individuals NOT PAY the ransom demanded by cyber attackers. The new emerging variants are targeting healthcare in particular, and other organizations with attack strategies that are extremely ruthless and difficult to respond to. The warning was prompted by recent attacks at Hollywood Presbyterian in Los Angeles, Methodist Hospital in Kentucky, and MedStar, the biggest Washington, D.C.-area healthcare provider, among many others. In a profound understatement, the alert advised that “ransomware's consequences to an individual or institution could include a loss of sensitive data, a disruption of business operations and expenses to restore a system into working order”.   In case you’ve never heard the term before, Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid, usually with Bitcoins, an untraceable online currency.   Suggested Cyber Safety Tips In the meantime, please read following tips...
Continue reading
  2175 Hits

Cyber Attack Stats Reveal What Typical Target Companies Look Like

Cyber Attack Stats Reveal What Typical Target Companies Look Like
Cyber Attack Stats Reveal What Typical Target Companies Look Like Surprise—it’s not the big companies we usually read about… We’ve all seen the headlines about a national retailer or government organization getting hacked into, where either millions of client credit cards were stolen or huge databases of personal information were accessed and downloaded. These are the headline grabbers, and they happen almost weekly today. Where it does happen, it often causes unimaginable grief, money and/or inconvenience for clients and customers; and panic, great expense and reputation loss for the target companies.      This week we show you some surprising facts uncovered by Ponemen Institute in a benchmark study sponsored by IBM . What’s notable is that most hacking attacks are NOT on the high profile and billion-dollar companies. By far, the most common targets are small to medium size businesses where the average “take” is $15,000. These are typically easier targets to crack and make up a hacker’s bread-and-butter revenue streams. Hacking cost the global economy an estimated $445 billion dollars last year. That’s serious money at stake, and a serious incentive for criminal organizations to continue increasing their operations.     Time and Effort Facts about Targeted Attacks...

Continue reading
Tags:
  2420 Hits
© 2020 . All Rights Reserved. The IT Communication Group Inc Netcotech