Hacked Networks And Credentials Being Sold At Alarming Rates

 

Selling network access is big business on underground hacking websites. Even worse, the business is growing at an alarming rate, according to a report recently published by cybersecurity firm KELA.

According to their report, the number of ads found on hacking forums advertising 'Network Access' tripled between August and September, 2020.

The value of the login credentials sold during the most recent month was valued at more than half a million dollars.

Ads like these have been a staple of hacking forums for years, but they gained a tremendous amount of popularity in mid 2019, when a number of vulnerabilities in major networks around the world were disclosed.

 

 

Hackers around the world were quick to pounce, often attacking vulnerable networks. Once a network had been breached, the next logical step from the perspective of the hackers, was to figure out how to monetize the access they had gained.

That, of course, led to a surge in ads, which allowed hackers who lacked the 'street cred' and reputation in the cloistered hacking community increased access to compromised systems around the world. This, in turn, led to yet more attacks against vulnerable systems, which is at least part of the reason we're seeing so many attacks today.

The price a hacker can get for access to a compromised network obviously varies from one to the next. KELA found some network access being sold for as little as $25. At the top end, access to a major network with a global footprint can go for more than $100,000, with the average being just shy of $5000.

This is why hackers do what they do. There's big money, not just in accessing your data, but also in selling future access to it. Stay vigilant, this is a problem that's not going to go away.

 

Call SpartanTec, Inc. now if you want to make sure that your business is protected from hackers and other online threats. Our team will set up the most effective cybersecurity Wilmington NC measures to make sure that your personal and business credentials are safeguarded at all times.

 

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
http://manageditserviceswilmington.com

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Monetary Demands Are Skyrocketing For Ransomware Decryptions

Ransomware attacks have evolved quite a lot over the course of the past year, and have become one of the most visible threats organizations of all sizes face.

That is, based on recently published research conducted by Group-IB, which analyzed the rapidly changing threat landscape. Their findings should disturb every business owner.

Here's a quick overview:

First and foremost, ransomware attacks have become much more commonplace. The year 2019 saw a 40 percent increase over 2018, which is a clear indication that hackers around the world are increasingly seeing ransomware strains as their preferred vehicle for attacking organizations.

Second, the average size of the ransom demanded has been steadily increasing, moving from just $6,000 to a staggering $84,000. The focus is on large corporations and government agencies being the driving factor behind the dramatic increase.

In terms of tactics, far and away, the most common means of gaining an initial foothold onto a corporate or government network is RDP (Remote Desktop Protocol). RDP serves as the point of entry for 70 percent-80 percent of the attacks.

Aside from this, incident response teams report that exploit kits and spear phishing campaigns were also used regularly, though these were vastly overshadowed by RDP. The teams responding to Group-IB's information requests also noted that more advanced ransomware actors relied on advanced methods that gave them access to more valuable targets.

The methods the hackers used include:

• Compromising MSP's (Managed Service Providers)
• Exploiting un-patched vulnerabilities in applications
• Compromising supply chains

The bottom line is that no one is safe, and the price of a successful breach has increased dramatically. Worse, an increasing percentage of hackers are now demanding not one, but two ransoms from each target they hit. The initial payment to unlock encrypted files and a second payment to delete their copies of stolen files, rather than publishing them for all to see.

The best way to keep your company safe from this particular threat is to minimize your reliance on RDP and to make sure you've got a robust backup plan in place. If you haven't yet taken both steps, the time to do so is now.

Call SpartanTec, Inc. now and let our IT team help keep your company safe by setting up the most effective cybersecurity strategies to protect your business against online threats. 

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
http://manageditserviceswilmington.com

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

How To Stay Safe From Hackers When Working From Home?

Working remotely can leave you vulnerable to hackers not only during these times when there’s a global health crisis but even in normal times. With millions people in the United States asked to stay at home to prevent the spread of the coronavirus, many of them now work at home using their phones or personal computer. Experts say that this makes a wider target for cybercriminals.

You’re less likely protected by a software that scans every file you download or every link you click when you are working at home. Furthermore, you’ll be filled with worries over the continued spread of the virus that is currently threatening to overwhelm the country’s health care system, and by all the logistical issues that is presented as you adhere to the stay at home order.

There are some basic steps you can take to mitigate the risk especially since hackers have become increasingly active these days. Zscaler researchers have noted a 20% increase each month in overall hacking reports and a rise in hacking threats using terms such as COVID-19 or coronavirus to trick some users into installing a malicious software or giving out sensitive information. Although Microsoft said that the overall number of attacks that use the pandemic is very small, it still reminded people that now is the best time to protect themselves fro hackers.

Tips For Safer Remote Working

Since you are not in the office, your firm may have hard time updating your software automatically. And you may not even know it, but IT experts whose job is to keep hackers at bay say that updating your software is one thing that you should not forget to do.

Use Two-Factor Authentication

In case hackers manage to get into your system, they may be able to access your passwords and usernames. Thankfully, there’s the two-factor authentication. It can help make accessing your system harder for cybercriminals. Two factor authentication will require you to key in a one time code or ask you for a hardware token after you enter your so you can log in to your system.

By having this feature enabled, the password that hackers have stolen from you won’t be enough to log in into your bank account or the payroll system of your company. It is a very common step but is extremely effective.

Avoid Phishing Scams

You should always be mindful any suspicious message that could come from scammers and hackers. Microsoft said that 91% of cyberattacks start with a malicious email, and this is referred to as a phishing attack. Be careful and don’t click on anything that looks suspicious.

Boost Your Personal Security

For those using a work computer at their homes, security tools like corporate anti-virus software are commonly running by default. In case you have access to a VPN, you could use it to get access to your company network, where your employer could protect you even if you’re home.

This doesn’t work for all firms, which may not be ready to have their employees use the VPN at the same time so it’s worth consulting your employer regarding this. Another option is to use a personal VPN, but that’s generally for protecting your personal privacy since these services are not meant to safeguard you from malicious apps and software.

Call SpartanTec, Inc. in Wilmington if you want more information on how you can work safely from home.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

Cybersecurity Tips For Working From Home

Social distancing is one of the most crucial measures to lower the spread of COVID-19. Businesses are also doing everything they can to keep their employees safe and that includes instructing or encouraging them to work from home. But, transferring from a secure office setting to working remotely could open up various security risks. Apart from that, nasty hackers and cybercriminals are already using the virus as a subject for their phishing scams in hopes that their victim would click through and give out their passwords and other information.

Considering the rapid rise in remote working, ENISA, a European cybersecurity agency, has provided a few recommendations for businesses that move to teleworking due to COVID-19. The agency said that it noticed a rise in the phishing attacks that use the coronavirus topic as a front. The agency suggests that workers try not to mix leisure and work activities on the same device and be especially careful in opening emails concerning the coronavirus. These days, cybercriminals are exploiting the crisis so watch out for scams and phishing emails.

ENISA also warned that remote workers have to be cautious of emails that ask to renew or check their passwords as well as their login credentials, even if they look like they come from a trusted source. It is important to verify the email’s authenticity especially if it comes from people you don’t know and they’re asking that you open files or connect to links. Phishing messages create a sense of urgency to force you to click a link. You should also be careful of emails that come from people you know. Double-check everything and don’t click on any link if you are unsure what it’s for.

Security Tips For Remote Workers

• Make sure that you have a secure Wi-Fi connection. Although most Wi-Fi has been secured correctly, a few older installations may not be and that means people close by could snoop your traffic.
• Install an antivirus program and update it regularly.
• All of your security software must be updated. You should check browser add ons, privacy tools, as well as other patches on a regular basis.
• You should have a backup strategy set in place and don’t forget to use it if the situation calls for it. Regularly back up important files so you don’t have to worry about losing data in case of a ransomware attack.
• Always lock your screen especially if you are working in a shared space. If possible, avoid working in shared or co-working spaces at this time and follow social distancing to avoid spreading the virus.
• Use a secure connection.
• Install encryption tools.

Security Tools For Employers

• Provide feedback to employees on how they need to react when they face problems. They need to know who to call. They also need to familiarize themselves with emergency procedures.
• Prioritize the support of solutions for remote access.
• Offer virtual solutions
• Provide enough support when there is a problem.
• Create a clear procedure that will be followed in case of a security breach.
• Restrict access to sensitive information and systems when needed.

Get your free work from home guide here.

Call SpartanTec, Inc. in Wilmington if you need the help of IT experts in making sure that your network is safe and your remote workers are safe from online threats as they work from their homes.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro

Companies Lose An Average of $200,000 On Cyberattacks

Cybercrime is a type of criminal activity that’s becoming increasingly prevalent these days. What’s even more worrying is that cyberattacks are set to cost companies all over the world as much as $5.2 trillion in just five years.

Cybercriminals love to target small businesses and 43% of online attacks are aimed at them. The problem is a meager 14% of these firms have made the effort to protect themselves against such attacks. If you are a small business owner, you need to prioritize information security.

IT experts guarantee that every modern company’s state of the art perimeters will be breached eventually. Therefore, for small businesses, it’s no longer about if these security threats will happen but when they will take place.

To make things worse, the results of cyber attacks rise and such incidents now cost small businesses an average of $200,000. About 60% of the businesses that were breached have gone out of businesses six months after they were attacked.

The number of occurrences of these cyberattacks has gone up as well with over 50% having of the total number of small businesses suffered a breach within the past year. Plus, 4 out of 10 small companies having suffered multiple cyberattacks.

Even though this is already the case, 66% of the executives of small businesses still think they won’t be targeted by cyber criminals. Moreover, six out of ten don’t have any cyber defense plan of any kind, which means there’s a great need for improved education and industry awareness.

The damage that is brought upon a compromised company becomes worse because it usually takes about 101 days before company owners and business operators detect that they were hacked.

The costs that these compromised businesses need to cover can also pile up quickly. Aside from the attorney’s fees and other ancillary costs that you have to deal with, you will also be faced with the issue of losing customer confidence and loyalty as well as business relationships.

There are 30.2 million small businesses in the U.S. right now. If they wish to be protected from most, if not all types of online threats, they need to set in place a comprehensive IT security strategy.

• Make backups and duplicates of files and data every day.
• A network firewall, anti-virus, and tools for information encryption should be installed and updated regularly. They will scan and counteract harmful programs and viruses, and keep sensitive data safe and secure.
• Employees should only be given access to files, folders, and applications they need to use to do their job.
• Staffers must be trained regularly, every three months at least, and inform them of the latest cybercrime trends and online threats.
• Test the ability of your employees to detect scammers. You should also check how they respond to fraudulent requests.
• Perform tests for ongoing vulnerability and conduct risk assessments on installed applications and computer networks.
• Install cyber analytic tools that could scan user accounts, applications, networks to detect and halt any suspicious activity before they spread.

Why Companies Need Threat Intelligence?

Please remember that cyber threats may come from internal and external sources. With the increasing number of sensitive data that businesses handle these days, the best cyber defenses today are multipronged.

Call SpartanTec, Inc. and let our team of IT experts help you set up measures to protect your business from cybersecurity threats.

SpartanTec, Inc.
Wilmington, NC 28412
(910) 218-9255
https://spartantec-wilmingtonnc.business.site/

Cities Served:
Wilmington, Silver Lake, Sea Breeze, Carolina Beach, Eagle Island, Leland, Wrightsboro