
Evolution Networks Blog

Evolution Networks has been serving the South Florida area since 2003, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

How Prepared is your HOA to Protect Sensitive Information?


All homeowner associations have access to owners' sensitive data. From Social Security numbers and driver's license information to credit card numbers, you are responsible for keeping this data out of the wrong hands by boosting your cybersecurity efforts.

According to RiskBased Security, in the first half of 2019, over 3,800 breaches were reported, exposing over 4.1 billion records. How prepared are you to protect sensitive information? As technology advances and HOAs rely on digital services and products, the risks of data theft increase every day.

Let's talk about ways to improve cybersecurity for your community and protect sensitive association data from hackers in 2020.

1. Clarify Security Procedures

Each homeowner association should have defined security procedures. Limit access to sensitive information to the people who can't avoid working with it.

Document rules about access clearance. There shouldn't be any misunderstandings about the procedure.

Make it clear to the board members that data access restrictions aren't set up due to a lack of trust but to enforce cybersecurity measures.

2. Employ Strict Password Protection

All applications and documents must be protected by passwords. Uploading documents to a cloud is a convenient storage method. However, sharing access without a password makes it a risky one.  

You have to create strong passwords that contain symbols and numbers. Never use the same combination for several purposes. If you are having a tough time creating and remembering numerous strong passwords, you can take advantage of password managers.   

3. Limit BYOD (Bring Your Own Device)

When HOA members are using personal devices to access sensitive information, they are putting the data at risk. Large companies work out complex BYOD (Bring Your Own Device) policies to ensure all their information stays safe.

If you aren't ready to invest time and money in such a policy, access all the data from properly protected office computers.

4. Consider Cyber Liability Insurance

Cyber liability insurance protects you in case there is a data breach. Depending on the policy type, it can cover immediate financial losses related to the breach as well as claims that may occur because of cyber-attacks. For example, if a homeowner sues the association for problems encountered due to data loss, the insurance covers the expenses.

If you decide to pay for such insurance, make sure to discuss it in detail. Such policies aren't standardized and may contain unique terminology. They can also be based on a retention/deductible, an amount you have to pay before the insurance company makes its payment.  

5. Destroy Old Files

As soon as you don't need the information anymore, destroy it. Keeping old files just because you don't have time to deal with them increases your vulnerability.

Make sure to erase files fully. Clicking "delete" simply sends them to the trash bin. Clearing the trash bin won't do it either. You need to remove the information without the possibility of recovery, which would require using a third-party shredding tool.

6. Update Your Software

According to a survey done by Voke Media, about 80% of companies that experienced breaches could have prevented them with a software update.

The key reason to update any software you use on HOA computers is to improve cybersecurity. Don't miss or ignore updates.

By the way, if you are still working with Windows 7, it's time for an upgrade since Microsoft has stopped supporting it recently.    

7. Consult an IT Expert

If you don't have a staff IT expert, you should outsource IT-related tasks. This specialist should advise you on cybersecurity measures and offer solutions for HOA data protection.

Cyber security is quickly becoming the top concern for the majority of companies all over the world. Implementing the above security measures today can help you avoid serious consequences in the future. 

Evolution Networks has the measures and solutions for protection of your HOA data.  Get in touch with us and we will guide you through the steps to get and stay compliant and secure. Contact us here.


Why do HOAs need to know about Cyber Security?


Because everything is digitized, sensitive online information is subject to a cyberattack. Cyberattacks are “an attempt by hackers to damage or destroy a computer network or system,” according to Google.

This warrants serious concern for homeowners associations that digitally systemize resident information, including full names, current and former addresses, social security numbers, credit history, and contact information.

On top of sensitive resident information, most homeowners associations keep important HOA financial documentation on a digital system. From HOA fees to contractor paychecks to annual taxes, HOA finances would be a big loss.

What information do cyberattackers want?

Hackers are looking for personally identifiable information (PII) to sell on the “dark web.” The dark web is a digital black hole for stolen identities, fake passports, and other illegal activities. This means that resident information is in-demand currency.

If a cyberattack occurs in your HOA community, the PII of former and current residents is at risk. This exposes your community to liability, and puts you in a courtroom.

What are common cyberattack methods?

The most common method of a cyberattack is an email scam like phishing. This is “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers,” according to Google.

With the help of All Property Management, here’s a recap list and a few new tips for the best cybersecurity for HOAs:

Email Cybersecurity

  • Set up a spam filter.
  • Don’t open an email if you don’t know the email address.
  • Don’t digitally share sensitive information with any contact that you don’t recognize.
  • Don’t open zip files, download attachments, or click links from untrusted emails.
  • Set up a Google Alert for big data breaches and ransomware attacks.

Password Protection

  • Create a strong password for every digital system in an HOA. A lengthy password that consists of a short, memorable sentence (also known as a passphrase) is better than a single word.
  • Incorporate as many letters, numbers, and symbols as each system allows.
  • Don’t use any dictionary words or names unless they’re part of a passphrase.
  • Use a mix of capital and lowercase letters.
  • Avoid using a common password.
  • Don’t reuse passwords or use a master password for multiple systems. If a hacker finds out the master password, all sensitive information is compromised.
  • Use password management software like 1Password to create and store secure passwords for use across all systems. 1Password also stores usernames, account numbers, and other pertinent information.
  • Change the default password on the router. Anyone who tests the router has access to the entire digital community otherwise.

HOA Board Member Training

  • Limit who has the WiFi password. Visitors should be on a separate network.
  • Train all HOA board members on the importance of password protection, potential of cyberattacks, and best cybersecurity measures.
  • Decide which board members can access sensitive information. This minimizes who knows master passwords.

Software & Data Measures

 

  • Update all system software as soon as possible. An update creates a stronger version of the software. By choosing to update later, you’re using a weaker, more susceptible version.
  • Invest in antivirus software to scan for potential Trojan horses, ransomware, and other cyberattacks.
  • Don’t hold onto records longer than required. This minimizes what could be stolen in a cyberattack.
  • Back up any data onto an offsite location. If you back it up to a cloud solution, talk to the provider about cloud security.

    Source: IKCommunity

    If you feel that your HOA could use a little more attention when it comes to Cyber Security, we're here to help.  Let's schedule some time to discuss.  Evolution Networks


    Has your browser been targeted by recent Malware attack?


    Chrome, Firefox, Edge, and Yandex are all affected in widespread ad-injection campaign.

     

    Adrozek, as Microsoft has dubbed the malware family, relies on a sprawling distribution network comprising 159 unique domains with each one hosting an average of 17,300 unique URLs. The URLs, in turn, host an average of 15,300 unique malware samples. The campaign began no later than May and hit a peak in August, when the malware was observed on 30,000 devices per day.

    Not your father’s affiliate scam

    The attack works against the Chrome, Firefox, Edge, and Yandex browsers, and it remains ongoing. The end goal for now is to inject ads into search results so the attackers can collect fees from affiliates. While these types of campaigns are common and represent less of a threat than many types of malware, Adrozek stands out because of malicious modifications it makes to security settings and other malicious actions it performs.

    “Cybercriminals abusing affiliate programs is not new—browser modifiers are some of the oldest types of threats,” researchers from the Microsoft 365 Defender Research Team wrote in a blog post. “However, the fact that this campaign utilizes a piece of malware that affects multiple browsers is an indication of how this threat type continues to be increasingly sophisticated. In addition, the malware maintains persistence and exfiltrates website credentials, exposing affected devices to additional risks.”

    The post said that Adrozek is installed “through drive-by download.” Installer file names use the format of setup__.exe. Attackers drop a file in the Windows temporary folder, and this file in turn drops the main payload in the program files directory. This payload uses a file name that makes the malware appear to be legitimate audio-related software, with names such as Audiolava.exe, QuickAudio.exe, and converter.exe. The malware is installed the way legitimate software is and can be accessed through Settings>Apps & Features and is registered as a Windows service with the same file name.

    The graphic below shows the Adrozek attack chain:

     

     

    Once installed, Adrozek makes several changes to the browser and the system it runs on. On Chrome, for instance, the malware often makes changes to the Chrome Media Router service. The purpose is to install extensions that masquerade as legitimate ones by using IDs such as “Radioplayer.”

    Bad extensions!

    The extensions connect to the attacker’s server to fetch additional code that injects ads into search results. The extensions also send the attackers information about the infected computer, and on Firefox, it also attempts to steal credentials. The malware goes on to tamper with certain DLL files. On Edge, for instance, the malware modifies MsEdge.dll so that it turns off security controls that help detect unauthorized changes to the Secure Preferences file.

    This technique, and similar ones for other affected browsers, has potentially serious consequences. Among other things, the Preferences File checks the integrity of values of various files and settings. By nullifying this check, Adrozek opens browsers up to other attacks. The malware also adds new permissions to the file.

    Below is a screenshot showing those added to Edge:

     

    The malware then makes changes to the system settings to ensure it runs each time the browser is restarted or the computer is rebooted. From that point on, Adrozek will inject ads that either accompany ads served by a search engine or are placed on top of them.

    Thursday’s post doesn’t explicitly say what, if any, user interaction is required for infections to occur. It’s also not clear what effect defenses like User Account Control have. Microsoft makes no mention of the attack hitting browsers running macOS or Linux, so it's likely this campaign affects only Windows users. Microsoft representatives didn’t respond to an email asking for details.

    The campaign uses a technique called polymorphism to blast out hundreds of thousands of unique samples. That makes signature-based antivirus protection ineffective. Many AV offerings—Microsoft Defender included—have behavior-based, machine-learning-powered detections that are more effective against such malware.

    Source: Ars Technica


    If you use Microsoft Office 365, you need to be aware of this new attack.


    A spearphishing attack is spoofing Microsoft.com to target 200 million Microsoft Office 365 users in a number of key vertical markets, including financial services, healthcare, manufacturing and utility providers.

    Researchers at Ironscales discovered the campaign targeting several thousand mailboxes at nearly 100 of the email security firm’s customers, Lomy Ovadia, Ironscales vice president of research and development, said in a report posted online Monday. Other industries being targeted include telecom and insurance companies, he said.

    The attack is particularly deceiving because it deploys an exact domain spoofing technique, “which occurs when an email is sent from a fraudulent domain that is an exact match to the spoofed brand’s domain,” Ovadia wrote. This means even savvy users who check sender addresses to ensure an email is legitimate might be fooled, he said.

    The attack is comprised of a realistic-looking email that attempts to persuade users to take advantage of a relatively new Office 365 capability that allows for them to reclaim emails that have been accidentally marked as spam or phishing messages, according to the report. The messages come from sender “Microsoft Outlook.”

    “Specifically, the fraudulent message is composed of urgent and somewhat fear-inducing language intended to convince users to click on what is a malicious link without hesitation,” Ovadia wrote. “As inferred by the message, the link will redirect users to a security portal in which they can review and take action on ‘quarantined messages’ captured by the Exchange Online Protection (EOP) filtering stack, the new feature that has only been available since September.”

    Once a user clicks on the link, they are asked to type in legitimate Office 365 login credentials on a fake log-in page controlled by attackers to harvest and likely sell on the dark web, according to Ironscales.

    One interesting aspect of the campaign is its success in getting past secure email gateway (SEG) controls. Typically, exact domain spoofs aren’t very hard for them to detect, according to Ironscales; the company found in previous research that this tactic was represented in less than 1 percent of total spoofing attacks that bypass SEGs in a given year.

    “Even non cloud-native and legacy email security tools are fairly efficient at stopping these sorts of attacks,” Ovadia noted. “The reason why SEGs can traditionally stop exact domain spoofing is because, when configured correctly, this control is compliant with the domain-based message authentication, reporting & conformance (DMARC), an email authentication protocol built specifically to stop exact domain spoofing (SPF/DKIM).”

    However, Ironscales found that Microsoft servers are not currently enforcing the DMARC protocol, which means the exact domain spoofing messages get through controls such as Office 365 EOP and Advanced Threat Protection.

    “Any other email service that respects and enforces DMARC would have blocked such emails,” Ovadia wrote. “It remains unknown as to why Microsoft is allowing a spoof of their very own domain against their own email infrastructure.”

    The situation is particularly curious as Microsoft is typically one of the top domain names if not the top domain imitated by hackers in phishing campaigns, he observed.

    To mitigate attacks, Ironscales advised organizations to configure their email defense and protection systems for DMARC, which should detect and reject emails coming from the latest Office 365 campaign, according to the report.

    “Advanced mailbox-level email security that continuously studies every employee’s inbox to detect anomalies based on both email data and metadata extracted from previously trusted communications can help stop email spoofs that slip through the cracks,” Ovadia added.


    Got hacked recently? You will probably get hacked again within the next year.


    Businesses might feel that if they're targeted by cyber criminals once, it won't happen again - but analysis of incidents shows that more often than not, attackers come back looking for more.

    Businesses that suffer a successful cyberattack are extremely likely to be targeted by cyber criminals again – even if they've taken all the correct steps in the aftermath of the initial attack.

    The Crowdstrike Services Cyber Front Lines report uses analysis of real-world cases where the cybersecurity company has been brought in to help combat cyberattacks, and it reveals that in over two-thirds of cases where there were outside intrusions onto the network, cyber criminals will attempt to break into the same network within one year.

    According to Crowdstrike, 68% of companies encountered another "sophisticated intrusion attempt" within 12 months – although in each of these cases, the second attack was prevented from compromising or otherwise gaining access to the network.

    While organizations might feel that if they're hit by a cyberattack once – whether that's malware, ransomware, business email compromise, phishing or something else – then they won't be targeted again, if anything it's the opposite that's true.

    Cyber criminals come back probably because they are hoping that an organisation has not learned the lessons of the first attack and has perhaps even left the same vulnerabilities in place that allowed the initial cyber attackers to breach the network.

    "It is tempting to think of intrusions as a lightning strike – a blinding flash that is unlikely to strike the same place twice. Unfortunately, intrusion attempts are rarely a one-time event," said the report.

    "Organizations that do not take the opportunity to apply lessons learned and to better prepare for their next encounter with an adversary may well suffer attacks that result in additional data loss, ransom demands, extortion or other monetary losses requiring costly legal fees, response services and perhaps even future business interruption," the paper added.

    It's recommended that in the aftermath of a breach – once the network is secured with timely security updates, stronger passwords and multi-factor authentication – that organisations take the opportunity to learn from the incident and remain vigilant about what they can do to prevent future attacks and even plan how they'd react to another incident.

    One way of doing this is to regularly perform penetration testing to find out where the vulnerabilities are on the network and if defenders can detect the intrusions, particularly when it comes to new kinds of attack or vulnerability.

    "Holistic coordination and continued vigilance are key in detecting and stopping sophisticated intrusions," said Shawn Henry, chief security officer and president of CrowdStrike Services.

    "Because of this, we're seeing a necessary shift from one-off emergency engagements to continuous monitoring and response. This will better enable incident response teams to help customers drastically reduce the average time to detect, investigate and remediate," he added.

    Source: ZDNET

    Evolution Networks can help you secure your business and keep your data safe.  Get in touch with us today to see how. 


    Disasters Aren’t Always Caused By Disasters


    Disasters are a very real possibility that businesses have to deal with, but not all disasters come in the form of a flood or fire. You can predict weather effects that can create problems for your business, like thunderstorms and ice storms that bring down power lines, but you can’t possibly predict when and how your organization will suffer from a data loss incident. We’ll discuss in-depth how your business can save itself the trouble of dealing with cyberattacks and user error--particularly in regard to data backup and disaster recovery.
