Cybersecurity Archives

November 15, 2017

Identity Theft’s Reality

ID Agent is excited to offer this guest blog post from Megan Wells. Megan is a data journalist and content strategist at InvestmentZen who has written content on how data theft impacts Americans, technological interventions for personal and commercial finance and content for IBM and NASDAQ. With her examination of costs and the impact of Data Breaches, she shares how detrimental identity theft can be for MSP customers and their employees. Be sure to download her useful Infographic at the link below!

October 17, 2017

Protecting Employee Personal Data Fundamental to Corporate Security

If the keys to your house were sitting visibly outside for someone to take, would you just leave them in hopes that no one breaks in? Not likely. Similarly, the keys to the front door of most organizations are sitting on the Dark Web at the ready for use and exploit by criminal organizations and hackers. In fact, criminals, hacktivists and social hackers obtain and sell hundreds of thousands of stolen credentials on the Dark Web daily. Many times, exposure of employees’ personal credentials can lead to an internal corporate breach, where a compromise can turn into a corporate catastrophe.

September 08, 2017

Equifax’s Giant Security Breach – Inside Job?

Equifax’s giant cybersecurity breach announced yesterday – one of the worst ever – compromised the personal information of almost half the U.S. – potentially 143 million Americans. Residents in the U.K. and Canada were also affected. Based on Equifax’s investigation, the unauthorized access occurred from mid-May through July 2017.

August 03, 2017

NotPetya – a Threat to Supply Chains

Ukraine is a nation under digital siege. Over the past few months, it has suffered through four widespread infrastructure attacks, with the Russian government being suspected as the driving force behind the attacks — although to date, there’s no clear evidence of this.

July 20, 2017

The Important Lesson Learned from the U.K. Parliament Cyberattack

The Parliament’s computer network was recently targeted by a brute force attack. Weak password requirements allowed hackers to gain access to 90 of parliaments 650 member’s email accounts. Although IT staff or 3rd party cyber firms can implement strong cyber-security regulations, the members of the House of Commons, or employees at any company are typically the source of a breach. Without knowing it, Members of the Parliament created threats for themselves, that went undetected until it was too late. In order to minimize the damage or the attempt of blackmail, officials temporarily locked members out of their email accounts.

July 06, 2017

What an MSP can do to Protect Their Clients from the Dark Web

Not familiar with the term “Dark Web”? That’s okay, even some of the most sophisticated individuals in the tech space have no idea what the dark web is and how it’s accessed. As an MSP or MSSP, you are doing your part to secure and monitor your client’s network and provide a seamless user experience. However, through no fault of your own, your client’s and their employees are not making your job easier by creating credential-based blind spots that until now were hard to detect and mitigate.

June 19, 2017

The Biggest Threat to your Network Security: Email Communications

When it comes to protecting your businesses infrastructure, it is safe to assume that you have some form of cyber protection activated. But email communications represent the biggest threat of all, because it takes advantage of the end user, in one form or the other. It generally only requires one misstep from a member of a network to unleash a catastrophic chain of events within that network.

June 16, 2017

63% of Data Breaches Result From Weak or Stolen Passwords

In its recent 2016 Data Breach Investigations Report, Verizon Enterprise confirmed many industry trends that we see at ID Agent every day. The most glaring blind spot for organizations is how stolen credentials are the primary means by which hackers exploit their vital systems.

June 15, 2017

OneLogin – When Password Storing Goes Wrong

OneLogin, a company that provides single sign-on capabilities to safely store passwords of over 23 million users including 2,000 businesses, has suffered a compromise that included the ability to decrypt customer data. In a recent blog, the company revealed that an attack occurred May 31st at 2 am and was identified by a staff member around 9 am. Through that attack, sensitive information such as user information: passwords and emails, various keys from companies and login credentials for a slew of cloud applications were potentially compromised. In the OneLogin blog post, it was stated that they “…cannot rule out the possibility that the threat actor also obtained the ability to decrypt data.” And according to the email sent out after the breach, customers were instructed on steps they should take to proactively prepare themselves. They were advised to force a OneLogin Directory Password Reset for end users, update credentials on 3rd party apps for provisioning and to do numerous other things. The email also included further updates and information.

June 12, 2017

The Ransomware Assault on Healthcare

Hospital networks can unfortunately become a goldmine for attackers that use ransomware worms as their weapon. If deployed, lives may be endangered, hospitals usually must pay the ransom, or pay to get files retrieved and its reputation could be damaged. Because these attacks are increasing due to lucrative benefits, teaching and reminding hospital staff to use valuable cyber hygiene is imperative.

Category: Cybersecurity