Cybersecurity Training

Cynexlink Clients are Safe from the Kaseya Hack


Many of you may have read over the weekend that an IT infrastructure management company called Kaseya was successfully breached by a ransomware hack. This event potentially impacted thousands of companies because their IT managers – MSPs like us – used that Kaseya tool to monitor their clients’ networks.

All Cynexlink clients should take comfort in knowing this: you have ZERO exposure to this event.

Note: if you are visiting our site for the first time, your current MSP uses Kaseya VSA, and you are looking to make a change, the quickest way is by contacting us here. We have created a special offer for Kaseya clients and we will reply immediately to help your organization chart a rapid path to IT safety.

The article below provides a quick background on what Kaseya does and why this breach is potentially so far-reaching, as well as why we weren’t completely stunned by news of this breach.

Who & What is Kaseya?

All Managed Service Providers (MSPs) like Cynexlink use various software solutions to manage and monitor their clients’ networks for patching, operating system status, data backup, email spam protection and much more.

The primary monitoring software used by companies like ours is an RMM solution, which stands for Remote Monitoring and Management. Such a tool helps provide us visibility at scale, reporting, automation, efficiency and more. While an RMM solution is merely one tool in the toolbelt of an IT solutions provider like us, it serves as the heartbeat of the MSP’s tech stack.

Kaseya’s RMM product, which they call VSA, is what was breached. This means that not only were all of Kaseya’s MSP clients put at risk, so too were all the end clients of those MSPs! Initial reports said 200 companies were impacted by this breach; we will be very surprised if that figure doesn’t end up far higher when the dust settles.

Familiar names of RMM solution providers include smaller companies like NinjaRMM, N-Able and Atera, while the two biggest, most credible players are ConnectWise and Datto. We use Datto because their RMM tool, Autotask, is our industry’s gold standard.

Kaseya’s Place in the IT Universe

Kaseya has been working feverishly to move up into the top-tier IT provider category alongside Datto and ConnectWise, which is why it attracted so much private equity interest a couple years ago.

Behind the scenes, there has been a ton of consolidation in our industry over the last few years, and it has centered on these RMM tools – either as acquirers or acquirees – driven by economies of scale. By adding firewall management, backup and recovery, cybersecurity tools and more to an RMM under one roof, the potential for growth is staggering. This is why Kaseya has raised over $500MM over the last 2+ years — to grab a piece of that market.

The path to providing more and more IT solutions beyond the RMM tool comes down to a choice between building it and buying it. Kaseya chose to raise money and buy.

With all that fresh PE money, Kaseya went on a torrid acquisition spree, buying backup providers, cybersecurity companies, anti-phishing solutions, network assessment programs and more. The management challenge with such consolidation plays, however, is huge: not only do company cultures have to be merged, so do all the business units, product features and technologies used. In such a growth-first environment, key details can be missed without any ill intent whatsoever.

Indeed, our team spends more than 500 hours per year in training and product review sessions in order to stay up on the latest technology and cybersecurity solutions for our clients. When a new, better tool comes along in a category, it gets added to our tech stack and the previous leader gets the boot… being able to monitor IT advancements is one of the big advantages of hiring a firm like ours.

As part of our ongoing IT vetting process, we have assessed a number of Kaseya products in the last couple of years. Without being too specific, as we do not want to drive the stiletto too hard at this moment in time, there were definitely some warning signs that key details were being missed.

Massive Business Challenges Remain

It will be interesting to see how Kaseya simply survives this high-profile event.

In the short-term, there is the issue of the $70 million ransom the hackers are demanding to release the stolen data.

Next, every MSP client of Kaseya must be exploring a move to a competitor this morning, but a systemic transfer of that kind is no overnight project. If those MSPs don’t move, however, their end clients will wonder how their IT provider can stay put — or how they can continue to work with, and have confidence in, an MSP that won’t leave Kaseya.

Maybe all of this can be fixed with a little P.R. and a lot more of what matters — actual cybersecurity investment and restructuring. Only time will tell.

For those end clients who don’t want to wait and need help getting away from Kaseya, contact us not only for a special offer for Kaseya clients only, but also for a simple 3-step, 3-week plan to provide a port in a storm for your network and data.

Four Simple Cybersecurity Fundamentals


You hear statistics like this all the time: last year, the cost of the average data breach was $3.86 Million. Furthermore, by the end of 2021, worldwide cybercrime costs will hit $6 trillion annually.

Both figures are true but seem so large they’re actually hard to relate to. That said, we can say from experiencing panicked inbound calls from prospective clients who have been hit by ransomware: hackers target businesses of all sizes.

Why? It’s just a numbers game. The evidence shows that 95% of cybersecurity breaches are caused by human error, so hackers probe and probe, looking for the easiest prey, usually through some form of email scam.

Hit a small business for five grand here, a larger one for $150k there… pretty soon you’re talking about real money, as the saying goes.

Because most cybersecurity breaches happen due to an organization’s own negligence or carelessness, be sure you are following these tips – at minimum – to protect your data from cybersecurity attacks:

  1. Keep Your Tools Updated

It is imperative to always install security/antivirus/anti-malware software on your system. It is all the more important to install software updates for your applications, programs, and operating system. The best way to stay updated is to have IT experts like us manage patches and system updates, white labeling them and ensuring they work as intended before installing. If you don’t have such IT support, however, then turn on automatic updates whenever possible. Also, make sure to keep browser plug-ins up to date and use safe web browsers that get automatic and frequent security updates, such as Firefox and Chrome.

  2. Password Management

It’s convenient and easy to use the same password across all your subscriptions. Unfortunately, it is also convenient for the hacker to steal your data – breach one system and they’ve breached them all. A password manager generates unique, encrypted passwords for each of your logins and enters credentials automatically. Tools like Keeper and LastPass are such simple and elegant solutions, we can’t understand why everyone doesn’t use them.

  3. Learn to Spot Suspicious Emails

Most understand the need to be vigilant and suspicious of any official looking email that demands bank details or other personal information. To help employees learn how to avoid and report such emails and calls immediately, companies should strongly consider ongoing anti-phishing training. Since email remains the primary threat vector, this inexpensive solution offers perhaps the greatest ROI of all cybersecurity investments.

  4. Never Leave Devices Unattended

Physical security is as important for your network as technical security. When in public settings, encourage employees to lock their devices before leaving them, even for a short period of time. Also, create org-wide screen timeout defaults, lock your server room and provide employees with lockable desk drawers as well. Good cybersecurity requires a cultural focus.

Cybersecurity does not refer to any single solution (anti-virus, firewall, etc.); it is achieved through layers of protection that are meant to frustrate cyber criminals and encourage them to go elsewhere.

While there are many more complex tools and solutions that help protect larger organizations, businesses of all sizes should be practicing the core fundamentals outlined above if they want to avoid becoming one of the statistics.

Top 5 Cybersecurity threats for a business


The “Global Risks Report” by the World Economic Forum puts the chance of nabbing and prosecuting a cybercriminal at 0.05%. Moreover, global losses from cybercrime were more than $1 trillion in 2020 alone. Taken together, these two figures show that resilience and business awareness are the key to avoiding security breaches and securing sensitive data.

With the increasing level of remote and work-from-home jobs, the sophistication and intensity of cyber threats are also increasing. Below, we are sharing the 5 most damaging cybersecurity threats for businesses and enterprises in 2021:

  1. DDoS Attacks

Last year, nearly 10 million DDoS attacks were attempted, with the loss per hour of service reaching as much as $100,000. Hackers assemble previously compromised devices into a botnet, which is required for a coordinated DDoS attack. Every such machine, which has been compromised by hacking or malware, can be used to perform a criminal activity while the owner of the machine is completely unaware that it is happening.

It used to be that web traffic was targeted using this method. But now, artificial intelligence (AI) is being used by cybercriminals to perform DDoS attacks. While it seems to be a poison, AI can also become the cure for preventing and eliminating DDoS attacks.

  2. Cloud Computing Loopholes

To target cloud computing systems, hackers look to exploit servers with weak passwords and unpatched systems by performing brute-force attacks with the aim of accessing stored user accounts. They can also steal other sensitive data or plant ransomware in the system. There have also been instances of cloud systems being used to coordinate DDoS attacks or to perform cryptojacking. To avoid the compromise of cloud systems and make them more secure, proper attention should be paid to cloud storage configuration, end-user actions on cloud devices, and the security of application programming interfaces (APIs).

  3. Third-Party Software

Today, there is no independent stand-alone digital system that can function by itself. Most organizations employ the services of one or more third-party tools. Some of these tools have at least one critical vulnerability. If such a vulnerability is exposed to hackers, it can open a gateway to a host of other domains. In 2020, third-party breaches affected some of the biggest global brands such as Instagram, General Electric, and Spotify.

  4. Ransomware

Ransomware is a program that encrypts the data on the affected system and then demands payment to release the infected data. In 2020, the cumulative sum of demands generated by ransomware was more than $1.4 billion. Some of the most recent cases of ransomware causing a ruckus include the compromise of research data on Covid-19 at The University of California, and the attack on a German hospital where cybercriminals disabled its patient care systems, which even resulted in the death of a patient undergoing treatment at the hospital.

  5. Social Engineering

Social engineering attacks manipulate human psychology to achieve specific goals in hacking a system. Phishing emails, scareware, and quid pro quo are some of the techniques used in social engineering attacks.

Zero Standing Privileges can be implemented by enterprises and organizations to prevent social engineering attacks. If zero standing privileges are implemented, a user will be granted access privilege only for a particular task, and the privilege will last only for the time required to complete that task. In this case, even if the credentials are compromised, hackers won’t be able to access sensitive data and internal systems.
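The zero standing privileges model described above, sketched as an added example (not code from Cynexlink or from any product): a broker that denies by default and only honours grants tied to one task and one time window. The class, user, resource and ticket names and the four-hour ceiling are assumptions made for illustration.

```python
"""Zero standing privileges sketch: nobody holds permanent access; every
permission is a grant tied to one task and one time window.
All names, tickets and limits below are hypothetical."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Grant:
    user: str
    resource: str
    action: str
    task_id: str            # ticket that justifies the access
    expires_at: datetime


class JitAccessBroker:
    MAX_TTL = timedelta(hours=4)    # assumed policy ceiling for any grant

    def __init__(self):
        self._grants = []
        self.audit = []             # (event, user, resource, action) tuples

    def request(self, user, resource, action, task_id, ttl, now):
        """Issue a grant for exactly one (resource, action) pair."""
        if not task_id:
            raise ValueError("a grant must be tied to a task")
        if ttl <= timedelta(0) or ttl > self.MAX_TTL:
            raise ValueError("ttl outside policy")
        grant = Grant(user, resource, action, task_id, now + ttl)
        self._grants.append(grant)
        self.audit.append(("GRANT", user, resource, action))
        return grant

    def complete_task(self, task_id):
        """Revoke every grant for a finished task; returns how many."""
        kept = [g for g in self._grants if g.task_id != task_id]
        revoked = len(self._grants) - len(kept)
        self._grants = kept
        return revoked

    def is_allowed(self, user, resource, action, now):
        """Default deny: only an unexpired, exactly matching grant allows."""
        self._grants = [g for g in self._grants if g.expires_at > now]
        ok = any((g.user, g.resource, g.action) == (user, resource, action)
                 for g in self._grants)
        self.audit.append(("ALLOW" if ok else "DENY", user, resource, action))
        return ok


def demo():
    """Constructed timeline for one user, 'alice', whose password is stolen."""
    t0 = datetime(2021, 7, 6, 9, 0, tzinfo=timezone.utc)
    minutes = lambda n: t0 + timedelta(minutes=n)
    broker = JitAccessBroker()
    out = {}
    # No grant yet: valid credentials alone open nothing.
    out["before_grant"] = broker.is_allowed("alice", "payroll-db", "read", t0)
    broker.request("alice", "payroll-db", "read", "TICKET-1001",
                   timedelta(minutes=30), t0)
    out["during_task"] = broker.is_allowed("alice", "payroll-db", "read", minutes(10))
    # The grant covers one action on one resource, nothing adjacent.
    out["other_action"] = broker.is_allowed("alice", "payroll-db", "write", minutes(10))
    out["other_resource"] = broker.is_allowed("alice", "hr-files", "read", minutes(10))
    # Credentials replayed after the window closes are useless.
    out["after_expiry"] = broker.is_allowed("alice", "payroll-db", "read", minutes(31))
    # Finishing the task early revokes the grant before its expiry time.
    broker.request("alice", "payroll-db", "read", "TICKET-1002",
                   timedelta(hours=1), minutes(60))
    out["revoked"] = broker.complete_task("TICKET-1002")
    out["after_completion"] = broker.is_allowed("alice", "payroll-db", "read", minutes(65))
    return out


if __name__ == "__main__":
    for step, result in demo().items():
        print(f"{step:18} {result}")
```

The only moment the stolen credentials are useful is inside an active grant, and then only for the single action that grant names.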

Covid-19 has transformed our workplaces and these transformations are here to stay, along with the increasing cyber threats faced by enterprises. Cybersecurity teams at businesses will have to develop strong and robust policies to respond to the threat arising out of cybersecurity challenges.

Why Employees are the Weakest Link in Your Cybersecurity Business


When many business leaders consider the security of their operation, the first things that come to mind are locks on the doors, proper outdoor lighting, and perhaps a security guard on-site. Then they begin to look inward and consider their cybersecurity. Toward that end, they invest in the latest and greatest firewalls, antivirus, anti-malware, firmware, and other software fixes while overlooking the most important aspect of their security integrity: their employees. Why are employees your greatest cybersecurity threat, and what are you to do about it?

The very nature of human beings with their curiosity and need for stimulation, information, and novelty makes them the prime target for hackers who want to infiltrate your business network and its data.

Therefore, the full buy-in of the company security endeavors will require an alliance between IT, which should understand your operating needs, and HR, which should comprehend the foibles and psychology of human beings that can make them gateways to cyberattacks.

It is simply not good enough that your employees remember to update passwords regularly; they need to understand how a hacked company system affects them directly. To this end, your IT team should work with HR to develop training that garners staff support for the security processes that need to be implemented.

Here are a few of the issues this composite team needs to address:

Impact on the Company of Down Time and Security Breaches

Explain in the clearest terms how downtime in the company network affects everyone. Use examples such as Ransomware or Spear Phishing attacks or other situations in which your business could lose data or computer access – thus affecting the ability of your company to remain in operation and therefore to employ people!

Lack of Awareness

Simple though it may sound, regular training and reiteration of concepts like having strong passwords, proper storage of customer information, use of locking drawers or file cabinets, how the company uses multi-factor authentication, and data access principles should be ongoing practices.

In addition, all personnel should know how to properly dispose of drives, reports, etc. when they are no longer pertinent. Last here is the need to inform employees of the importance of system/software updates for both company equipment and approved BYOD mobile phones and other devices, as well.

Hazards of Using Unsecured Networks

This is particularly problematic with BYOD environments including commuting vehicles (e.g., the train and subway), cafés, etc. which are typically unsecured networks. Your employees need to be aware that all online activity conducted on such networks can be visible, putting devices and sensitive company information in peril.

To minimize this risk, explain the difference between using HTTP and HTTPS prefixed sites – the latter carries encryption protocols – on any device (laptop, smartphone, etc.) used for work-related activities and help them to understand which work is best left to be performed in the office on company secured devices.

Another off-site peril comes from juice jacking (stealing data by monitoring public charging stations), in which a hacked wireless charging port can allow cybercriminals to record what is being written or watched on a device as well as download programs to said device.

Personnel who frequently work outside the office should be trained to understand the risks of using public access networks and a few means of minimizing them, such as plugging into an electrical outlet or using their own power bank, having different passwords for each app and device they use, waiting to perform personal interactions until at home, and only installing apps from official marketplaces.

Best of all, have them use a VPN (Virtual Private Network) set up by your IT team that provides for encryption of data moving between them and any end-user whether they are at home, traveling, or otherwise working outside the office.

IoT (Internet of Things): a Door to System Access

With the growing complexity of the business operating environment, you may find you have manufacturing equipment as well as simple office equipment such as printers connected wirelessly to your server. These additional pathways offer opportunities for an employee to involuntarily undermine your security by tapping into equipment not meant to be part of their peripherals.

In order to minimize this risk, have your IT team set up not only different passwords for this equipment but different router levels, as well, which prevents certain devices from ever ‘seeing’ other devices they shouldn’t. Turning off equipment when not in use will help to mitigate cross-system access as well.

These steps can also help prevent an unintended internally produced Denial of Service (DoS) attack or Distributed Denial of Service Attack (DDoS) in which equipment or websites crash from an overload of demand.

Don’t forget, your IT team consists of all your employees. To this end, think about the cybersecurity culture you want to create. For instance, have your IT team start broadly sharing new concepts learned at trade events, which can keep lines of communication open between departments and can help your staff understand new threats and preventive actions they can take before your business is targeted.

In addition, savvy IT members don’t put all their eggs in one basket; they may like vendor X who provides software X and has worked with them for years but they stay aware of the news of failures of this protective service and are willing to jump ship to vendor Y if that is in the best interest of your company.

Better still, working with an outside company in addition to your in-house staff can be a valuable asset, provided that company is not a single-service provider, makes it its sole interest to be knowledgeable about multiple software security tools, techniques and processes, and is willing to embrace your company’s unique business protection requirements.

Finally, keep in mind that a disgruntled employee with any system access can pose a threat to your business (e.g., copying trademarked or other business-sensitive information for purposes of corporate espionage), and containing them is the territory of HR. However, a coordinated effort between your employees and IT, with the help of training developed actively with HR, will strengthen the personnel link in your cybersecurity chain, in addition to bringing added value to your employee morale due to your consideration of their need to understand, so that they are able to actively participate in protecting your company and their jobs.

Be safe out there!

Cybersecurity vs Information Security: What are the differences?


Cybersecurity vs Information security. I hear you thinking: What! I thought cybersecurity WAS information security! Well, yes and no. Let us start with a detailed definition or two.

Cybersecurity vs Information Security

Cybersecurity protects from attacks via cyberspace (that nebulous entity we have all created to work and play in via our technological devices and linkages).  This form of security covers your computers, smart phones, laptops, and other hardware as well as the means of accessing, linking, and communicating through them (think LANs, the internet).

Cybersecurity attacks may target a website your company keeps but are more likely to target the data your company stores and uses to run your business.  This is why information security is important to understand.

Information security concerns itself with the actual raw data your company collects (such as a field requiring a date: MM/DD/YYYY) and the information derived from that data (e.g., a DOB versus a policy renewal date). This information may be stored digitally (say on a server via the cloud), in an analog format (think about forms or photos in a file cabinet), or both (perhaps a thumb drive within a desk drawer).

It is the job of the information security staff to work with a company’s leaders to define and understand what data is most necessary to the successful completion of business tasks and how, in whatever format it exists, it should be protected.

Concerns with Information Security

The primary concerns of information security regarding data are: integrity, confidentiality, and availability.

Integrity – guarding against the improper or accidental modification or destruction of data.

Integrity can be maintained by making sure only permitted persons may edit, modify, delete, or destroy (e.g., shred aged documents) data. It also includes ensuring authenticity (i.e., being able to verify the identification of a person or process) and nonrepudiation (making sure a sent message or signed document cannot be disputed).

Examples of integrity loss would be analog information not properly protected from environmental conditions (fire, flood, etc.) and so damaged beyond use or digital information improperly transferred or changed without approval.

Confidentiality – reserving access to data – think “need to know” – by preserving authorized restrictions to access and disclosure.

This is especially important for personally identifiable information (PII – such as social security and credit card numbers) and protected health information (PHI).

Here, again, restricting access to those who need the information to perform their job duties is important to protecting information content privacy.

A breach of confidentiality may be brought about by human error, intentional sharing of data, malicious entry, etc.

Availability – ensuring that access and use of data is timely and reliable.

Availability is maintained through continuity and functionality of access procedures, backup or duplication of information, and maintenance of hardware and network connections so that data is accessible when needed by the users for daily applications and for business decisions.

As with integrity, a loss of availability can occur when networks are damaged due to natural disasters or when client devices fail.

In addition, your Information Security personnel should be aware of the many legal and regulatory requirements (like NIST, GDPR [European Union law], HIPAA, and FERPA) of your industry that affect the company’s information security requirements and be able to develop and disseminate guidelines which inform employees on how to protect business sensitive information throughout their work cycle as pertinent to said guidelines.

As you can see, your data damage prevention/recovery and threat mitigation processes will span the information security and cybersecurity assignments making it essential for personnel from both teams to understand the needs of the other and work closely to develop protection protocols for your sensitive business information.

Therefore, with the alignment of your cyber and information security teams, employees can be trained in the whys and hows of information protection and be helped to understand how conscientious application of developed procedures – whether usually considered as pertinent to cybersecurity (e.g., strong passwords, multi-factor authentication), essential to information security (such as who is responsible for safeguarding sensitive physical material in an emergency), or both (whom to make a report to regarding suspicious activity, keeping mobile devices under lock and key when not in use) – creates a safer environment for your critical and sensitive business data and aids in keeping your business up and running.

Remember, one cannot have information security without having cybersecurity but cybersecurity has no true value without an understanding of the information to be secured.  And though information security covers digital data in cyberspace it must not forget the analog data lying around the company.

Plan well and take care!

6 Cybersecurity Training Tips For Employees


Cybersecurity Training is very important for employees to survive in an industry dominated by growing virtual crime.

Have you read the WEF 2019 Global Risks Report?

The report lists cyber-attacks among the top five global threats over a decade. Data incidents are listed in the fourth spot.

But if you think your organization is too small to be attacked, here is another spooky survey that says that 43% of online attacks are now aimed at small businesses.

Cyber-threats not only destroy your data but also lead to financial losses, tarnished reputations, and downtime.

No matter what the size of your business, you should make your cybersecurity strong; it all starts with your employees.

This is because employees are often the largest security vulnerability.

They can click on malicious links, exposing your information to cybercriminals. They can use infected devices that introduce a virus into your systems. And above all, they can pose an insider threat, or an ex-employee can sell your information to a competitor.

Therefore, there is a need for cybersecurity training for your employees which can be built around the key points given below.

6 Cybersecurity Training Tips For Employees

1. Don’t Blame Your Employees:

In the event of a serious data breach, many employers are likely to blame their ill-fated employees that clicked on the malicious stuff. While it’s true they were the ones to get trapped, accusing an individual of lacking the knowledge is a way to avoid the organization’s responsibility to ensure its employees keep its information protected.

The organization should have a plan to ensure its employees have the knowledge they require to make the right decision and know whom to ask if they have any security-related questions.

You need to be clear about what to do if anyone has security concerns. It prompts you to create the infrastructure required to share new threats as they occur and get everyone involved in data security.

2. Plan and Create a Solid Security Policy:

You need to create and plan a security policy to cover the appropriate topics and secure the use of the company’s system. Make sure your IT security policy covers everything.

Besides, keep it clear and accessible to everyone in your organization. One more thing: your IT security policy should define the roles and responsibilities for control, enforcement, training, and maintenance.

3. Educate on Password Management:

Password Management is a necessary evil for most business owners. With the IT team failing to remind employees, there needs to be a huge change in attitude if you want to fortify your cybersecurity. Moreover, encourage your employees to use strong passwords. This is important because nearly 81% of security incidents are caused by weak ones.

You can simplify their password management by sharing the tips given below:

  • Use a combination of letters, special characters, and numbers. Get creative with passwords
  • Don’t use simple passwords like ABCD, date of birth or house address
  • Don’t share your passwords with anybody
  • Set a different password for every device
  • Change your passwords frequently

4. Make it Mandatory for All:

Fire safety isn’t taught to selected employees, right?

Cybersecurity should be treated in the same way. It should be made a top priority and mandatory for everyone. Your employees should be aware of all old and new threats, no matter whether they work in accounts, in IT or at the front office. Anyone using a computer should be familiar with basic password security and safe internet browsing practices. Share cybersecurity news regularly.

5. Conduct Regular Cybersecurity Sessions:

Admit it. Documented policies are likely to be read once and never looked at again. Therefore, encourage your employees towards cybersecurity with frequent seminars and quick bursts of training. It will keep them informed, engaged and interested.

These small cybersecurity sessions can be built around the use of passwords, safe use of devices and other security concerns. Make sure to test their knowledge regularly. For example, you can check if they are practicing essential cybersecurity protocols. Do they follow the guidelines? Testing their knowledge and vigilance from time to time is important.

Practice this mock drill:

Send them a fake email to see how many clicks it will get. The results can be shown in the seminar or training session, without revealing the names of the employees who clicked these fake phishing emails.

6. Train Employees to Recognize Phishing Threats:

As we have reviewed, some of the most vicious cyber-crimes are caused by human error. Cybercriminals can trick users into doing something malicious by using fake email addresses and domains. For example, they might pose as a reputable bank in their emails, asking for personal information or bank account details.

In this scenario, employees need to be taught how to identify such malicious links.

Bottom Line:

There are many more tips on cybersecurity training. However, practicing these key measures will provide overall protection to your data. With improved cybersecurity, you can minimize the risk of cyber-threats across your organization.

It not only secures your system and data but also adds to the reputation of your organization.

What do you think? Let us know by commenting below.
