Need Reliable Computer Support & IT Services? (703) 493-1796
Need Reliable Computer Support & IT Services? Call NOVA Computer Solutions at (703) 493-1796
Are We Learning Anything From All These Cyber Attacks?
So many big, expensive cyber attacks have taken place in the last few years that it’s hard to remember them all – when will we learn our lesson? Cyber attacks are common ground these days. There was the Chase Bank breach of 2014, which exposed the financial information of 76 million Chase customers. This attack […]
Are We Learning Anything From All These Cyber Attacks?
BYDaniel De Steno|March 28, 2018|Business IT Articles, News, and Tips
So many big, expensive cyber attacks have taken place in the last few years that it’s hard to remember them all – when will we learn our lesson?
Cyber attacks are common ground these days. There was the Chase Bank breach of 2014, which exposed the financial information of 76 million Chase customers. This attack was set to target 10 major financial institutions in total, but only one other company reported that data had been stolen. This company was Fidelity Investments. Though the attack caused serious repercussions for Chase Bank, the damage could have been much worse. Four hackers (two from Israel) were eventually arrested.
Hacking Isn’t Just About Stealing Data
In the Sony Pictures data breach of 2014, over 100 terabytes of data was stolen by North Korea. This attack was about more than just getting the personal information of consumers. The attack occurred because of a movie that Sony Pictures was set to release called “The Interview”.
The movie, starring Seth Rogen and James Franco, was a fictional story about two journalists who go to North Korea to interview Kim Jung Un. The two men actually work for the CIA and are planning to assassinate the very well-known but unpopular leader. It was believed that North Korea’s leader ordered the cyber attack on Sony Pictures to show his displeasure and disapproval of the film. In addition to the personal information of Sony executives and other employees, hundreds of photos and emails were released to the public. These highly personal items caused a massive amount of embarrassment to Sony’s top executives.
No One Is Safe from Hackers
Proving that no one is immune from cyber hackers, Equifax, one of the nation’s largest credit reporting agencies, was infiltrated by hackers in mid-2017. The company estimated that approximately 143 Americans were affected. In addition, an unknown number of consumers from Canada and the UK were affected by this breach. Were there any signs that an enormous data breach like this might occur?
A report issued in October of 2017 by Motherboard, found that Equifax had certain vulnerabilities due to an online portal created for employees. Researchers discovered that the Equifax website was highly susceptible to a basic forced browsing bug. A researcher from Motherboard said that he didn’t even have to do anything special to infiltrate the system. It was far too easy to get in.
“All you had to do was put in a search term and get millions of results, just instantly—in cleartext, through a web app,” the researcher said.
In spite of this information being available to Equifax, it took them six months to close the portal and shut down these vulnerabilities. In this day and age, it’s unthinkable that organizations as sophisticated as Equifax might be so lax in their data security.
The Final Cost of Cyber Breaches
Target Stores lost millions of dollars when they had to reimburse customers for their losses after their 2013 data breach. In addition to that, a class action lawsuit was settled for roughly $10 million. As if that wasn’t enough, 20-30 percent of Target shoppers said they were worried about shopping online at Target stores after the breach.
Are We More Vulnerable Than We Believe?
Many data security experts believe that cyber weaknesses like this are far more common than the public believes. In an era when everyone should be fully aware and taking every precaution to prevent a data breach, numerous large corporations remain at risk.
After all is said and done, most people would expect any organization that has experienced a cyber theft to drastically improve their cybersecurity. Large, expensive data breaches leave an organization open to legal action, plus they’re embarrassing. Consumers say that they are less likely to do business with any company that has been a victim of a cyber breach.
But has that really happened? A new study performed by CyberArk reveals that 46 percent of all companies who have experienced a cyber breach have not substantially updated their security policies.
This failure to learn from past mistakes has the public truly baffled. In some cases, IT professionals have been interviewed and asked why they haven’t greatly improved their cybersecurity. Over 30 percent of these pros said that they did not believe it was possible to prevent all cyber-attacks. This indicates that even security experts aren’t sure what to do to stop future attacks from occurring. But, should we simply make the decision not do anything at all?
New Report Sheds Light on the Problem
A 2018 report from CyberArk called, “Global Advanced Threat Landscape Report”, indicates that at least half of all businesses and organizations have only taken the basic security measures required by law. Though their public relations department may say they are taking every precaution to protect customer data, this is probably not true. In addition, 36 percent of respondents in the report said that administrative credentials were currently being stored in Excel or Word docs. These documents would be easy to obtain by any hacker with average skills.
The Global Advanced Threat Landscape Report also reveals that the number of users with administrative privileges has jumped from 62 percent to 87 percent over the past few years. This points to the fact that many companies are opting for employee convenience over data security best practices. This is an alarming statistic given the soaring cost of cyber breaches.
Moving Into the Future with Better Cyber Security
The new AT&T Global State of Cybersecurity highlights many of the critical gaps that remain in our cybersecurity strategies. IT infrastructure and critical data must be fully protected, including credentials and security answer keys. In most organizations, those in higher positions are given greater access and authority to online data and this equates to heightened risks of a cyber breach.
According to Alex Thurber, Senior Vice President and General Manager of Mobility Solutions, “If 2017 has taught us anything, it is that every device needs to be secured because any vulnerability will be found and exploited”.
The company is set to sign a deal with Punkt Tronics to install better security on smartphones, Blackberry devices, and other electronic devices. With consumers spending more and more time browsing on their cell phones, all mobile carriers are searching for ways to better protect their customers from hacking.
What Consumers Can Do
A great increase in the sale of anti-virus software and password managers demonstrates a strong resolve by consumers to incorporate stronger security measures into their everyday lives. Innovative technology is producing a new generation of security software that combines threat defense techniques and other more conventional means of cybersecurity. Though some of these techniques are having an impact, experts believe there’s much more to be done.
As our society becomes more aware and more prepared, even stronger security for IT systems will be developed. Until then, security experts urge the public to be more cautious about clicking on links. Employees at any company need regularly scheduled security meetings where they are educated and reminded to utilize best practices when using smartphones and computers. All programs should be updated regularly with software updates and fixes to known bugs. Create difficult passwords and change them every 90 days. These are just a few of the ways that consumers can stay safe while surfing on the internet.
Schedule you free consultation by filling out the form below.
NOVA-MAINTAIN Program Terms and Conditions
This Agreement was entered between NOVA Computer Solutions L.L.C. referred to as “NOVA” and the above referenced client also referred to as “Client”. The parties agree to abide by the terms and conditions as set forth in this agreement.
Period of the Agreement: This Agreement is effective as of the contract effective date and remains in effect for 36 months. The contract is renewed automatically after the initial 36 months on a 12 month basis. Upon termination there shall be no refund or credits allowed.
System Maintenance Services: Professional services include, but are not limited to time spent – either at Client or NOVA’s site. (a) Exclusions: Unless so specified, the Covered System does not include any cabling, or any wiring external to the Covered System, telecommunications devices (including modems), peripheral equipment, software. In no event shall the Covered System include removable magnetic or optical media, ink ribbons, toner cartridges, paper or other supplies, expendables or services.
System Maintenance Services: NOVA shall perform Virtual Maintenance Services at least once per month. If client experiences a Major Alarms the client will notify NOVA by telephone. Client shall cooperate with NOVA’s reasonable requests for assistance to determine the cause of the reported problem and whether an on-site Maintenance Service visit is required. NOVA may assist Client with additional services outside the scope of the Maintenance Services. This assistance will be billed at NOVA’s prevailing hourly rate.
Fees: The monthly Fee shall be invoiced in full at the beginning of every month. Any other amounts due hereunder, including the applicable Surcharge Rate or any reimbursable out-of-pocket costs, shall be invoiced monthly as well. The rate for additional time needed per month for System Maintenance Services will depend on the package you select. No Travel Cost Within in 25 Miles of Primary Support Office, Discounted Rate for over 25 miles.
Certain Client Responsibilities: Client shall ensure that: (I) all software and hardware is installed and operated according to applicable manufacturer specifications; (ii) all upgrades and releases have been properly installed; (iii) a uninterrupted and suitable power supply and other environmental conditions have been implemented and maintained; (iv) suitable surge protection devices have been implemented; (v) no other equipment or software having an adverse impact on the system have been introduced; (vi) no repair attempts or other changes have been made other than by or with the express approval of NOVA or the applicable manufacturer, (vii) the systems haven’t been mishandled, neglected, abused, damaged by fire, lightning or water, or otherwise subjected to unusual electrical or physical stress (viii) Client periodically makes and stores in a safe place archival copies of all software and all valuable data. (a) Failure to Comply. NOVA may refuse to provide Service or may treat any such work as Other Billable Maintenance Service at NOVA’s prevailing hourly rate.
Cancellation Policy: NOVA or Customer may cancel this contract for any reason with 90 days written notification.
Limited Warranty: Client must notify NOVA of any dissatisfaction, problems, or concerns within 3 days of the date the services were provided. Client will grant NOVA a reasonable amount of time to resolve problem to Client’s satisfaction. NOVA represents and warrants that it will use its best efforts to perform Maintenance Services in a competent and workmanlike manner.
Limitation of Liability: NOVA shall have no liability or responsibility to Client or any other person or entity with respect to any liability, loss, or damage caused directly or indirectly by a manufacturer or third party equipment or programs sold or provided by a manufacturer or third party. This includes, but not limited to, any interruption of service, loss of business or anticipatory profits, or consequential damages resulting from the use or operation of the equipment. NOVA shall not be liable for any loss of data at any time, under any circumstances. Client is responsible for backing up all its data before NOVA performs any service.
Late Charges, Collections and Attorneys’ Fees: Client will be charged $40.00 for each returned check. Client will be responsible for all attorney fees and costs incurred and collection fees. Any late payment shall be subject to any costs of collection, reasonable legal fees and shall bear interest at the rate of eighteen (18) percent per month or fraction thereof until paid. Client shall pay amounts invoiced under the terms of this Agreement within seven (7) days after receipt of invoice. In any dispute, action, arbitration, bankruptcy, probate, or administrative or judicial proceedings, or any settlement thereof, NOVA shall be entitled to recover attorney’s fees and costs.
Fee Increases: This contract has an automatic 5% increase yearly and NOVA reserves the right to revise fees at any time. NOVA will provide the Client of the updated fee’s, other than the automatic yearly increase, fifteen (15) days prior to the next month’s invoice.
I / We have read and understand the Terms and Conditions above and agree to be bound by them by digitally accepting the attached quote for services.
Free Dark Web Scan to Reveal Your Leaked Passwords