National Cybersecurity Awareness Month: The Top Cyber Threats of 2021 and How CREG Systems can Help

It’s October, which means it is time for pumpkin patches, apple picking, cold weather, and more! October is also National Cybersecurity Awareness Month, which was launched in 2004 by the National Cyber Security Alliance and the U.S. Department of Homeland Security. 

What is National Cybersecurity Awareness Month?

When Cybersecurity Awareness Month began, the awareness efforts centered around advice like updating your antivirus software twice a year, mirroring similar efforts around changing batteries in smoke alarms during daylight saving time. Over the years, National Cybersecurity Month has evolved along with technology.

According to reports, the most common tactics hackers use to carry out ransomware attacks are email phishing campaigns, RDP vulnerabilities, and software vulnerabilities, and the total ransomware costs are projected to exceed $20 billion in 2021. However, CREG Systems is Northern New York’s most trusted and experienced resource that is prepared to prevent ransomware attacks on your business. 

What are the Top Cyber Threats of 2021?

We at CREG Systems seek to educate the public about how to maintain their network health. We do so by providing educational materials, like this article. We also assess your network and provide recommendations and services that will strengthen your security. Contact us today to protect your data. Meanwhile, here are some common threats that CREG Systems recommends you watch out for:

  • Phishing
    • Phishing is one of the most common types of cyberattacks, mainly because it is often an effective technique for gaining access to an organization’s network and systems. It’s usually easier to trick an employee into handing over sensitive data (like login credentials) or running a piece of malware on a company computer than to accomplish these goals through other means.
  • Double-Extortion Ransomware
    • Ransomware has been a growing threat in recent years. Several high-profile attacks demonstrated that ransomware was profitable, driving a rapid increase in cybercrime groups operating this malware. On average, ransomware claims a new victim every ten seconds worldwide. Ransomware cost businesses around $20 billion in 2020, an increase of 75% over the previous year.
    • Another recent trend is the “double extortion” ransomware campaign. Instead of simply encrypting files and demanding a ransom for their recovery, ransomware groups now steal sensitive and valuable data from their victims as well. If the target organization does not pay the ransom, this data is posted online or sold to the highest bidder.
  • Remote Work Exploitation

In 2020, the COVID-19 pandemic forced businesses to pivot quickly to a remote workforce.  In a short time, companies with no existing telework programs had to adapt and update their infrastructure to allow employees to work from home.  However, the rush to stand up remote work programs left security gaps that are exploited by cybercriminals. In 2021, companies continue to face new security threats made possible by widespread telework, including:

  • The exploitation of Remote Access Solutions:
    • Employees working from home need access to the corporate network. As a result, the use of virtual private networks (VPNs) and the remote desktop protocol (RDP) has exploded during the pandemic. Cybercriminals have taken advantage of this, exploiting poor password security and VPN vulnerabilities to access corporate networks, steal data, and plant ransomware.
  • Thread Hijacking Attacks:
    • In a thread hijacking attack, an attacker with access to an employee’s email or other messaging accounts will respond to an existing conversation. These responses will contain malicious attachments or links to phishing sites and are designed to expand the attacker’s access within an enterprise network. With the rise of remote work, the frequency and success rate of these attacks have grown as employees increasingly communicate using alternative platforms and cybercriminals are more successful at gaining access to email accounts.
  • Vulnerable and Compromised Endpoints:
    • With remote work, employees are working outside the corporate perimeter as well as the cyber defenses deployed there. Additionally, these devices are less likely to be up-to-date on patches and compliant with corporate policy. As a result, they are easy targets for exploitation by cybercriminals.

How can CREG Systems help?

CREG Systems ensures that the data you share and store is secure and protected, which supports the efficient operation and credibility of your organization. Our certified and highly trained staff will meet your needs and plan a security system roll-out strategy that best fits your goals.

  • Hardware & Software
    • Keep your data safe by using the most up-to-date security software and hardware.  Make sure you are secured through NEXTGEN firewalls, use sandboxing for extra protection, and ensure you have a defense at the gate.
  • Multi-level Protection
    • From your desktop to the firewall, each device in your organization should have segmented and multi-layered protection. Usually, you can stop a data breach before it threatens your vital information.
  • Insider threats
    • While many organizations have multi-layer security systems and data protection in place, there could still be other risks to consider. Former employees can be a threat to your cybersecurity.  Be sure to remove any access they may have and their data as soon as they leave the organization.  Be sure to teach employees about the importance of security and have regular testing to ensure your data is secure.
  • Good Cyber Habits
    • Be sure to keep your information backed up, but never keep your backups online.  Be sure to keep your systems updated and double-check apps to determine if they are corrupt or not. Limit access privileges and use two-factor authentication.  Preventing cyber threats is better than curing them.

Our staff are trained and certified as Certified Information Security System Professionals (CISSP), Certified Ethical Hackers, and Certified Wireless Network Administrators and hold CompTIA A+, CompTIA Network+, CompTIA Security+, Windows Server, and Microsoft Exchange certificates. In conclusion, our staff is the best equipped to deliver you the best cybersecurity in the North Country.


Cybersecurity Defense: The Biden Administration Executive Order, is it a Great Start Towards Improving the Nation’s Cybersecurity?

In May, President Biden issued his executive order on improving the nation’s cybersecurity. However, this is not the first time that a president has tried to address this critical issue. Every president since Bill Clinton has issued a similar executive order to no avail.

While cybersecurity is an ever-growing, complex topic, there is hope that the latest executive order is a step toward getting ahead of the next multimillion-dollar cyber-attack.

Why is Cybersecurity Important?

Hackers working for profit and espionage have long threatened American information systems. But in the last six months, they’ve targeted companies running operational networks like Colonial Pipeline with more persistence.

A cyber-attack can become a costly expense.  Not only does the network have to be repaired and protected, but hackers may also demand money to get back data, access, or personal information.  The average ransom requested from a small business is around $4,300, but the average cost of downtime after a ransomware attack is $46,800.  This means that even though a ransom request may appear small, the attack can cost your business more as time goes on.

70% of businesses are ill-prepared for a cyberattack. In other words, hundreds of thousands of industries have holes in their cybersecurity or have no cybersecurity at all.  It is vital to educate employees on the importance of cybersecurity.  Implementing cybersecurity training is a start to keeping your company safe from cyberattacks. 

How Will the Government Help?

The U.S. government began taking small steps to defend cybersecurity in 1998 when the Clinton administration identified 14 private sectors as critical infrastructure, including chemicals, defense, energy, and financial services. Other industries were slower to protect their computers, including the oil and gas sector.

By modernizing our government’s approach to cybersecurity, the uniformity of standards across all agencies will make it easier for companies to get a clearer picture of the expectations.

The executive order lays out clear directions on where the U.S. needs to improve and how outside companies can help it get there. This should encourage greater buy-in and assure that this order is the one that finally makes a difference.

Executive Order Key Points

  • Remove Barriers to Threat Information Sharing Between Government and the Private Sector
  • Modernize and Implement Stronger Cybersecurity Standards in the Federal Government
  • Improve Software Supply Chain Security
  • Establish a Cyber Safety Review Board
  • Create a Standard Playbook for Responding to Cyber Incidents
  • Improve Investigative and Remediation Capabilities

In the wake of million-dollar cyber-attacks such as JBS and the Colonial Pipeline, it is imperative to take extra steps to mitigate the risk of a cyber-attack.  At CREG Systems, we take pride in our cybersecurity knowledge and put a lot of time into educating our customers on its importance. 

CREG Systems helps keep the data you share and store secure and protected, which supports the efficient operation and credibility of your organization. Our certified staff will assess your network’s strengths and potential weaknesses and design a solution that fits your needs today and prepares you and your business for the future.

Our staff are trained and certified as Certified Information Security System Professionals (CISSP), Certified Ethical Hackers, and Certified Wireless Network Administrators and hold CompTIA A+, CompTIA Network+, CompTIA Security+, Windows Server, and Microsoft Exchange certificates. In conclusion, our staff is the best equipped to deliver you the best and most comprehensive cybersecurity in the North Country.


Hackers Breached US Local Government by Exploiting Fortinet Bugs

FBI Ransomware Alert

As of May 2021, state-sponsored hackers have compromised the web server of a U.S. municipal government after hacking into a Fortinet appliance.  The Federal Bureau of Investigation (FBI) states that after gaining access to the organization’s server, the hackers moved laterally through the network and created new domain controller, server, and workstation user accounts to mimic the existing ones.

Not the First Warning:

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) had warned in April 2021 of hacking groups that had gained access to Fortinet appliances by exploiting FortiOS vulnerabilities.  Once they breach a vulnerable server, they will use it in future attacks targeting networks across critical infrastructure sectors.  Hackers will use exploitation techniques such as spear phishing to infiltrate organization networks to prepare follow-up attacks.

Impact:

The size of the attack is unknown; however, the impact on the local government and personal information could have been much higher. Cyber-attacks are preventable if you have strong security and know the best practices for them.

At CREG Systems, we believe that cybersecurity is a shared concern. In other words, we all play a part in keeping our networks safe. Organizations, their leaders, users, and the solutions provider all work together to manage your cybersecurity.

Multi-Layered Security:

We recommend a multi-layered approach to your network and data security. A multi-layered security approach uses several security measures to protect essential information. The numerous “levels” of security make it difficult for hackers to get through every barrier.

We offer cybersecurity services to businesses that support the education of employees and lessen cybersecurity dangers.

Mitigate the Risk of a Cyber Attack:


CREG Systems ensures that the data you share and store is secure and protected, which supports the efficient operation and credibility of your organization. Our certified and highly trained staff will meet your needs and plan a security system roll-out strategy that best fits your goals.

  • Hardware & Software
    • Keep your data safe by using the most up-to-date security software and hardware.  Make sure you are secured through NEXTGEN firewalls, use sandboxing for extra protection, and ensure you have a defense at the gate.
  • Multi-level Protection
    • From your desktop to the firewall, each device in your organization should have segmented and multi-layered protection. Usually, you can stop a data breach before it threatens your vital information.
  • Insider threats
    • While many organizations have multi-layer security systems and data protection in place, there could still be other risks to consider. Former employees can be a threat to your cybersecurity.  Be sure to remove any access they may have and their data as soon as they leave the organization.  Be sure to teach employees about the importance of security and have regular testing to ensure your data is secure.
  • Good Cyber Habits
    • Be sure to keep your information backed up, but never keep your backups online.  Be sure to keep your systems updated and double-check apps to determine if they are corrupt or not. Limit access privileges and use two-factor authentication.  Preventing cyber threats is better than curing them.

Our staff are trained and certified as Certified Information Security System Professionals (CISSP), Certified Ethical Hackers, and Certified Wireless Network Administrators and hold CompTIA A+, CompTIA Network+, CompTIA Security+, Windows Server, and Microsoft Exchange certificates. In conclusion, our staff is the best equipped to deliver you the best cybersecurity in the North Country.

CREG Managed Security Services

5 Steps You Should Take Today to Minimize Your Data Loss Due to Ransomware


You’re concerned about getting ransomware, as everyone should be, but you don’t know what you can do to minimize your risks. Follow these five steps to reduce the chances of your data being hijacked and falling victim to ransomware.

  1. Make regular backups.
    This is Ransomware Defense 101. The scammers want to restrict access to your data, but if you have a recent backup copy of it, you’re one step ahead of them. Organize your vital data so that it is stored in a secure location, and regularly back it all up. You can back up your data to an external USB drive or have it backed up to the cloud (we recommend doing both!). How often you back up your data should be based on how often your files are updated. Daily user? Back up daily!
  2. Keep your computer updated.
    Whatever platform you’re using, desktop, tablet, or smartphone, stay up-to-date with your operating system updates and security patches. Did you disable Windows Update? Switch it back on, and make sure you’re running the latest version. *Note – Windows 7 stopped receiving critical updates in January 2020. It’s imperative that you upgrade your operating system to Windows 10 to ensure you’re receiving the latest updates and security releases.
  3. Spot suspicious files, enable file extensions.
    One way of combating ransomware (and other malware) is to use your eyes. Many malicious tools have multiple file extensions (for example, .PDF .EXE), which immediately identifies them as dangerous if you know what you’re looking for. By enabling file extensions in Windows, you can spot and delete them (or let your anti-virus software destroy them).
  4. Email Filtering and Hyper Vigilance.
    Most desktop email clients automatically scan incoming messages for malware and viruses that are attached, but hackers are constantly trying new methods to deliver their malicious files to your PC. As a general rule, you should never open an email or an email attachment from someone you don’t know or recognize. To avoid filters, hackers will send you a link that will lead you to a site that will automatically start the download of a malicious file. It’s best to avoid clicking on any links that are received through email, even if the link looks legitimate. Hackers will often change one letter within a domain address, which will lead you to a malicious site. Stay Hyper Vigilant!
  5. Employ a Firewall and Internet Security Suite.
    As with all data security challenges, the best protection you’ll get from ransomware is with a competent internet security suite and an up-to-date firewall. There are many options available for your network and internet security. Give us a call if you’d like to learn more about our recommendations.
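
The double file extensions from step 3 and the one-letter domain changes from step 4 can also be checked automatically on incoming mail. The script below is an added example, not part of the original article or a CREG Systems tool; the extension lists, the trusted-domain allowlist, and all function names are assumptions to adapt to your own environment.

```python
import os
from urllib.parse import urlsplit

# Assumed extension lists and a constructed allowlist; adjust for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
TRUSTED_DOMAINS = {"example.com", "example-bank.com"}


def has_double_extension(filename):
    """True for names such as 'invoice.pdf.exe' or 'Invoice.PDF .EXE'."""
    stem, last = os.path.splitext(filename.strip().lower())
    _, decoy = os.path.splitext(stem.rstrip())
    return last in EXECUTABLE_EXTS and decoy in DECOY_EXTS


def within_one_edit(a, b):
    """True if a and b differ by one substituted, added or dropped character."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]   # skip the substituted character
    return a[i:] == b[i + 1:]           # skip the extra character in b


def lookalike_of(url):
    """Return the trusted domain that the URL's host imitates, or None."""
    labels = (urlsplit(url).hostname or "").lower().split(".")
    suffixes = [".".join(labels[i:]) for i in range(len(labels))]
    if any(s in TRUSTED_DOMAINS for s in suffixes):
        return None                      # genuine domain or a subdomain of it
    for trusted in sorted(TRUSTED_DOMAINS):
        if any(within_one_edit(s, trusted) for s in suffixes):
            return trusted
    return None


def triage(attachments, links):
    """Collect human-readable findings for one message."""
    findings = [f"double extension: {n}" for n in attachments if has_double_extension(n)]
    for url in links:
        target = lookalike_of(url)
        if target:
            findings.append(f"lookalike of {target}: {url}")
    return findings


if __name__ == "__main__":
    # Constructed sample message, not taken from a real campaign.
    for line in triage(["Invoice.PDF .EXE", "report.pdf"],
                       ["https://www.examp1e.com/login", "https://mail.example.com/"]):
        print(line)
```

A check like this only catches single-character changes against domains you have listed, so it complements rather than replaces mail filtering and user vigilance.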

CREG Systems deploys a myriad of tools to help protect our partners and mitigate their risks of malware and ransomware. Call us today to learn more about how we can help secure your network and keep your data out of the hands of cyber-criminals.
