Hackers Breached US Local Government by Exploiting Fortinet Bugs

FBI Ransomware Alert

As of May 2021, state-sponsored hackers have compromised the webserver of a U.S. municipal government after hacking into a Fortinet appliance.  The Federal Bureau of Investigation (FBI) states that after gaining access to the organization’s server, the hackers moved laterally through the network and created a new domain controller, server, and workstation user accounts to mimic the existing ones.

Not the First Warning:

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) had warned in April 2021 of hacking groups that had gained access to Fortinet appliances by exploiting FortiOS vulnerabilities.  Once they breach a vulnerable server, they will use them in future attacks targeting networks across critical infrastructure sectors.  Hackers will use exploitation techniques such as spear phishing to infiltrate organization networks to prepare follow-up attacks.

Impact:

The size of the attack is unknown; however, the impact on the local government and personal information could have been much higher. Cyber-attacks are preventable if you have strong security and know the best practices for them.

At CREG Systems, we believe that cybersecurity is a shared concern. In other words, we all play a part in keeping our networks safe. Organizations, their leaders, users, and the solutions provider all work together to manage your cybersecurity.

Multi-Layered Security:

We recommend a multi-layered approach to your network and data security. A multi-layered security approach uses several security measures to protect essential information. The numerous “levels” of security make it difficult for hackers to get through every barrier.

We offer cybersecurity services to businesses that support the education of employees and lessen cybersecurity dangers.

Mitigate the Risk of a Cyber Attack:

Detect Mitigate Prevent

CREG Systems ensures that the data you share and store is secure and protected, which pledges efficient operation and credibility to your organization. Our certified and highly-trained staff will meet your needs and plan a security system roll-out strategy that best fits your goals.

  • Hardware & Software
    • Keep your data safe by using the most up-to-date security software and hardware.  Make sure you are secured through NEXTGEN firewalls, use sandboxing for extra protection, and ensure you have a defense at the gate.
  • Multi-level Protection
    • From your desktop to the firewall, each device in your organization should have segmented and multi-layered protection. Usually, you can stop a data breach before it threatens your vital information.
  • Insider threats
    • While many organizations have multi-layer security systems and data protection in place, there could still be other risks to consider. Former employees can be a threat to your cybersecurity.  Be sure to remove any access they may have and their data as soon as they leave the organization.  Be sure to teach employees about the importance of security and have regular testing to ensure your data is secure.
  • Good Cyber Habits
    • Be sure to keep your information backed up but, never keep your backups online.  Be sure to keep your systems updated and double-check apps to determine if they are corrupt or not. Limit access privileges and use two-factor authentication.  Preventing cyber threats is better than curing them.

Our staff are trained and certified as Certified Information Security System Professional (CISSP), Certified Ethical Hacker, and Certified Wireless Network Administrator and holds CompTIA A+, CompTIA Network+, CompTIA Security+, Windows Server, and Microsoft Exchange certificates. In conclusion, our staff is the best equipped to deliver you the best cybersecurity in the North Country.

CREG Managed Security Services

2020 SONICWALL CYBER THREAT REPORT: THREAT ACTORS PIVOT TOWARD MORE TARGETED ATTACKS, EVASIVE EXPLOITS

SonicWall, a leader in the security platform category has published its 2020 Cyber Threat Report delivering critical threat intelligence to help organizations better understand how cybercriminals think.

Highlights include:

  • Malware, ransomware attack volume down 6% and 9%, due to more targeted attacks
  • Connected-device dependence leads to 5% increase in IoT attacks, over 34 million exposed
  • Over 40 million web app attacks detected, 52% year-over-year increase
  • Encrypted threats up 27%, almost 4 million identified

Click here to download the full report

#CREGSystems is proud to partner with SonicWall to bring you the latest in #CyberSecurity and #Firewall Options.  Contact us today to learn more about how we can help you mitigate your risks of malware and ransomware attacks!


Ransomware And How to Avoid It

5 Tips to Help Mitigate the Risk of a Ransomware Attack

Avoid a ransomware attack by educating yourself and protecting your business. Knowledge is power, so be in the know and check out these 5 helpful tips from CREG Systems!

What is ransomware? This Cybersecurity and Infrastructure Security Agency report defines it as “a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid.” In addition, CISA warns us that ransomware usually spreads through phishing emails or by accidentally visiting an infected website.

Don’t become the next victim of a ransomware attack! Here are our quick tips to help protect your data:

1. Get the right protection software.

Mitigate the risk of being attacked by ransomware by protecting your data with the most up-to-date security software. For example, make sure you are secured through NEXTGEN firewalls, use sandboxing for extra protection, and insure you’ve got protection at gate and edge router level. Ask us about our network security services to learn more.

2. Check your hardware.

Malfunctioning, unpatched or outdated hardware can greatly increase your risk of a ransomware attack. Most importantly, get your hardware regularly assessed and updated. In addition, check for any vulnerabilities that may allow malware to seep through into your network. To do that, we at CREG Systems provide assessments to help you keep your hardware in top shape.

3. Multi-level protection is key.

From desktop level to firewall level, each device in your organization should have segmented and multi-layered protection. That will insure that ransomware can be stopped before it gets to your data. Email us, and we will help you minimize the risk by combining software and hardware protection tools, elements of AI and machine learning

4. Practice good cyber habits.

Backup, backup, backup. Never keep your backups online, keep your systems updated, whitelist good apps to keep the bad ones out, limit access privileges, and use two-factor authentication. In short, prevention is better than cure!

5. Know who to contact in worst case scenario.

In case of a ransomware attack, never pay the ransom and always ask for help! Firstly, Contact CISA and notify your local FBI field office. Secondly, give us a call. CREG Systems is a trusted experienced advisor. We are here for you, should you need assistance in recovery from a cyber attack. Contact us to learn more!

CREG Systems seeks to educate its customers about the telecom industry and the services we offer. We do so by giving you tools and information to help you learn more to empower and protect your business. Located in Watertown, NY, we serve our Northern New York customers in many areas of IT and telecommunications, including cyber security. Click the “Contact Us” button above to get in touch!