Local Hospital Latest Victim of Ransomware

On Saturday, July 25th, our local hospital experienced a cyber-attack. Samaritan Medical Center had to shut down its entire computer system. Therefore, employees have to return to paper and pen to operate. Patients are still being taken care of, and the hospital expects to reschedule patient procedures that have been deemed non-urgent.

Hospital Impact

The size of the attack is unknown; however, the impact on the hospital and personal information has been minimal. Cyber attacks are avoidable if you have robust cybersecurity, awareness, and know the cybersecurity best practices.

At CREG Systems, we believe that cybersecurity is a shared responsibility. In other words, we all play a part in keeping our networks safe. Organizations, their leaders, users, and the solutions provider all work together to manage your cybersecurity.

Multi-Layered Security

We recommend a multi-layered approach to your network and data security. A multi-layered security approach uses several security measures to protect essential information. The numerous “levels” of security make it difficult for hackers to get through every barrier. For instance, a hacker may get past the spam filter on your email, but cannot get through the antivirus software.

We offer cybersecurity services to businesses that assist in the education of employees and mitigate cybersecurity risks

Defendify by CREG Systems Cybersecurity Platform

  • Cybersecurity Risk & Assessment Tool
  • Alerts
  • Cybersecurity Policy Builder
  • Incident Response Builder
  • Dark Web Scanning for Stolen Passwords
  • Phishing Simulation Tool
  • Employee Cybersecurity Awareness Training Videos & Webinars
  • Cybersecurity Awareness Poster Library
  • External & Internal Network Vulnerability Scanning
  • Threat Penetration Testing (Ethical Hacking)
  • Website Scanning

Many businesses do not believe that they are a potential target of cybercrime. Personal information is not limited to your basic social security number or credit card information. For instance, it can include recipes as a restaurant owner all the way to market strategies. To find out why you could be at risk of a cyberattack, watch our webinar on cybersecurity!

With COVID-19 and the transition to a remote workforce, your business can be at an even greater risk. Read why remote workers are more vulnerable to cyber attacks here! https://cregsystems.com/index.php/covid19-makes-remote-workforce-vulnerable-to-cyber-attacks/

Our staff are trained and certified as Certified Information Security System Professional (CISSP), Certified Ethical Hacker, and Certified Wireless Network Administrator and holds CompTIA A+, CompTIA Network+, CompTIA Security+, Windows Server 2016, and Microsoft Exchange certificates. In conclusion, our staff is the best equipped to deliver you the best cybersecurity in the North Country.


The Future is Now: Benefits of Working Remote

COVID-19 is continuing to alter the way of American life. As states begin to reopen, people wonder what will the new standard be. Business culture is experiencing a change never seen before. This pandemic proves to employers and employees that much of the work done in an office is accomplishable right from home. Will we see a shift from an office environment to remote work? We think, yes.

Working remotely can offer many benefits to both the employer and the employees.

BENEFITS FOR EMPLOYERS

1. Employee Retention

Employee retention rate is something every business wants to increase. Losing valuable employees is detrimental to any company. Some ways that remote work keep employee retention rate up is that you do not lose employees when they move. The technology available today makes it feasible for remote employees to live anywhere in the world and work for a company based in one location. Millennials and upcoming generations are changing the ideas of the typical work environment. Many newer generations want more flexibility in their jobs. Remote work is a great way to offer that. 

2. Expanded Talent Pool

Hiring remote expands the pool of potential employees. A business that operates out of an office needs employees that live within a certain radius of the office. When a business implements a remote workforce, the pool of applicants becomes unlimited. With a larger pool of applicants, companies are more likely to find the person that best fits the role they are trying to fill. 

3. Reduced Overhead

A completely remote workforce requires virtually no overhead costs. There is no office space costs or little to none. Having an office also comes with the responsibility and expense of having office snacks. Elimination of these costs is possible with the switch to a remote workforce. An analysis of saving done by Global and Workplace Analytics states that IBM saved $50 million in real estate costs by transitioning to a partly remote workforce.

Find more cost-saving examples here: https://globalworkplaceanalytics.com/resources/costs-benefits

BENEFITS FOR REMOTE EMPLOYEES

1. Flexible Hours

The average 9-5 business hours is not a realistic approach to maximize productivity. Every employee has different tasks and different methods to get the job done. People function best at different times of the day due to differences in energy levels and personal schedule needs. The freedom to have flexible hours also allows employees to live and travel anywhere and still get their work done. 

2. Reduced Daily Expenses

Commuting can become expensive, reasonably quickly. The average commute being 27 minutes, longer if you live in a city. Commutes add mileage to your car and require frequent refills of the gas tank. Many employees also order or go out to eat for lunch while at work. These additional costs add up without employees realizing it. Therefore, working from home can diminish these additional employee costs. While working from home, employees are more likely to use the food that is already available to them. Childcare is often not necessary when working from home, either. 

3. Health Benefits

With the option to eat at home, employees will generally make healthier choices. Eating the right foods also leads to an increase in brain health, which results in higher levels of productivity. A work-life balance is even more manageable while working from home. Employees get to take breaks, which allows them to come back more focused and less stressed. A break could include getting a load of laundry done or running a couple of errands. The amount of time spent with family also increases. The family also alleviates stress during the day. The less stressed an employee is, the more focused they can be. 

CREG Systems is your one stop shop to assist and a transition to a remote workforce. Whether it is a complete or partial transition of a workforce, we have the tools and technicians to ensure it all goes smoothly.

Read more on our products and services to see how we can help you! https://cregsystems.com/index.php/data-wireless-networking/


Ransomware Tycoon: New Threat

What is Ransomware

Ransomware is a type of malware that targets a victim’s file. The malware the user out of their data or steals the files through the use of encryption. The attacker then threatens to expose the files unless the victims pay a ransom. The most common form of payment is bitcoin. Ransomware delivery is in the way of phishing attempts. A phishing attempt is an email with malicious links attached to get the victim to click on these links, which unleash the ransomware into their files. Once the files become encrypted, it is nearly impossible to gain access to the data without the encryption key held by the attacker

Attackers have found a way around Windows 10 ransomware protection.   A new kind of ransomware known as Tycoon has found a way to target Windows devices. This ransomware uses a Java file format to disguise the malware until it reaches the desired files quickly

Blackberry Research

An educational institute fell victim to this kind of attack. The institute called in a consulting agency known as KPMG, which also partners with Blackberry’s Security research unit to investigate the incident. The attack was carried out by hacking into a remote desktop and deploying a backdoor to gain entry to the network. Once they have access through the back door, the attacker goes into a period of no activity. The period of inactivity can last anywhere between a week to a couple of months. After the period is up, it enters through the backdoor and disables any antivirus software to minimize the possible detection of the attack

The first detection of the ransomware Tycoon was in December 2019. Tycoon is present in Windows computers mostly, but researchers believe it can infect Linux systems. The number of victims has been minimal leading experts to believe this is a particular and targeted attack. Many of the victims include educational and software institutes. Since this type of attack can go undetected effortlessly, experts assume that the number of victims is higher than recognized. There are some ways to prevent an attack like this from happening

Check out our blog on ransomware and how to avoid it!


Anonymous Cyber Attacks and How They Do It

On May 25th, the country came together under one emotion: rage over the murder of George Floyd on the streets of Minneapolis. The country has experienced an increase in protests, riots, and even cyberattacks. An activist group that routinely appears amidst a scandal is back, Anonymous.

Anonymous is a “decentralized” international activist/hacktivist group that performs cyber-attacks against several different kinds of institutions. The institutions that find themselves victims of these attacks are targets because of their misuse of power.

Latest Anonymous Target

The latest target of infamous Anonymous cyber-attacks happens to be the Minneapolis Police Department. Anonymous released a callout video on social media stating their discontent with the police department and threatened to enact justice and expose the corruption to the world.

Click here to watch the Anonymous video.

https://www.facebook.com/watch/?v=285581555919237

Shortly after the video was released, the Minneapolis police department website experienced an outage, and the Chicago police radios streamed NWA’s “F*ck The Police.”  

The Anonymous hacks were complete by using a distributed denial-of-service or DDoS attack. A DDoS attack is an attempt to disrupt regular traffic by directing a flood of internet traffic to the targeted server, service, or network.

Just like any functioning system, there are several moving parts found in DDoS attacks. Networking and telecommunication systems have multiple layers to them. Each layer has a specific role or function and assists in the successful operation of a full ongoing system. Different types of DDoS attacks target specific segments to expose and take advantage of their weak spots.

Download the OSI Model now!

Types of DDoS Attacks

To perform a DDoS attack, the attacker must gain control of a system and infect the devices with malware. The malware turns the device into a bot, which can give power back to the hacker. Each device infected with malware becomes known as a botnet, and once a botnet forms, directions can be sent to each bot. The bots then flood the network with instructions and reach capacity, therefore not allowing regular access from normal traffic. there are three kinds of attacks.

Application Layer Attacks

Application layer attacks or Layer 7 attacks, consist of overwhelming the server with HTTP requests. The attacks target specific applications and do so by identifying vulnerabilities or weak spots and taking advantage of them. Many attacks occur in unidentifiable patterns that allow monitoring and modification to cause the maximum amount of damage. Application layer attacks can also take place on a large scale. Due to the large size of the attack, it is almost impossible to maintain a list of known patterns, resulting in difficulties defending from new attacks.

Protocol Attacks

Protocol or layer 3 and 4 attacks, target the victim’s infrastructure. These disrupt services by consuming all the available web server capacity or resources such as firewalls or load balancers. One of the most common forms of a protocol attack is known as an SYN Flood. A synchronized request is sent to a server when a user tries to access it; another message submits when it is accepted, known as SYN-ACK, then the visitor gets a message of ACK or acknowledges which allows them access to the website. An SYN Flood attack sends the SYN message but never sends back the SYN-ACK message. Not receiving an acknowledgment message makes the server wait for a signal while receiving an abundance of SYN messages. In other words, the overload of new signals results in the crashing of the server.

Volumetric Attacks

A volumetric attack is one of the most significant forms of DDoS attacks. A volumetric attack works just what it sounds like it does. therefore, volumetric attacks create congestions by utilizing all the bandwidth between the target and the internet. These attacks often consume more than 100Gbps of bandwidth. A large amount of data congests the target server, which prevents any other user from accessing the server. These attacks require the minimum amount of resources and produce the maximum level of damage. The small amount of resources needed to deliver a great outcome is why they are the most widely used form of DDoS attack.

Ways to Mitigate DDoS Attacks

Cyber attacks are increasing every day. Cyber attacks have become one of the biggest threats to businesses and organizations around the world. Check out SonicWall’s 2020 Cyber Threat report here!

The best way to mitigate an attack is to prepare for one. Having the proper security in place always lessens the chance of an attack being successful. The components of a good plan include:

  • Systems checklist
  • A response team
  • Define notification and escalation procedures
  • List internal and external contacts

A multi-level protection strategy should always be in place. For instance, the combination of firewalls, VPN’s, anti-spam, content filtering, load balancing, and other layers of protection are proactive in covering every front possible. Multi-layer security also includes making sure your systems in place are up to date. It is effortless to work around an out of date system or network.

The most important way to avoid these kinds of attacks is to use the best cybersecurity practices. Engaging in best practices effectively minimizes the risk of attacks. Above all, employers need to educate and build awareness within their employees to know the best practices. Secure passwords and familiarity with phishing emails are necessary for maximum security efforts.