Latest Articles

Cynexlink CEO Featured on Partner Webinar


Valued Cynexlink partner, SecureLink, issued the following press release regarding its enhanced partner program. To highlight the initiative, SecureLink invited our CEO, Ayman Totounji, as the guest speaker to educate other IT providers nationwide and share our experiences implementing SecureLink solutions on behalf of our clients. The recording of that webinar session can be seen here. Also, the SecureLink press release follows:

Today, SecureLink, a leader in critical access management, has established PartnerLink, its enhanced partner program designed to build and grow valuable cybersecurity solutions for customers. SecureLink’s existing partner program has seen continued success since its founding. This year SecureLink signed 11 new partners, including Cavalry Solutions, Cyber Distribution, and SkyHelm, strengthening an ecosystem of 38 partners globally.

“SecureLink has been working directly with partners for a long time and has seen continued success with solutions deployed through partnerships within more than 30,000 organizations worldwide. As our footprint expands, and as critical access management becomes an even greater priority for businesses, now is the perfect time to expand our partner offering,” said Cory Shirk, VP of Sales at SecureLink. “In addition to providing customers with the best solutions, PartnerLink presents partners with the opportunity to grow their own businesses by leveraging our expertise, sales approaches and solutions. While each partner has different goals, targeted verticals, markets and customer sizes, through a collection of exclusive benefits within the program they can increase profitability and grow a personable and sustained partnership with SecureLink.”

To support the growing number of partners in the program, PartnerLink offers four levels of go-to-market (GTM) partner tiers. Each tier of the SecureLink partner ecosystem is determined by partnership performance and includes financial and GTM benefits, with the goal of jointly creating customer value while achieving business goals. These include:

  • Platinum — The highest level of partnership consists of top-performing partners that reach top revenue levels and demonstrate a high level of customer satisfaction. These partners can certify personnel at the highest level and increase value to shared customers via thought leadership to the respective market.
  • Gold — Consists of top-performing partners who successfully target key vertical markets. They meet or commit to specific sales goals or leads delivered and recorded with SecureLink. Sales and technical personnel can go through certification courses and develop GTM solutions to continue sales success.
  • Silver — Entry level of membership for proven and established partners who are still advancing in SecureLink sales and technical expertise and want to reach a gold partnership level in the future.
  • Referral — A referral partnership is for partners who want to register a deal and choose to not resell the SecureLink product.

A partner tier is earned through Sourced Annual Contract Values (ACV), partner profile completion, business plan completion, and certification completion/maintenance done. A SecureLink Partner Committee also meets periodically to evaluate new partner applications and review the progress, success, and needs of partners.

The latest member of PartnerLink is Cynexlink, an all-in-one provider for business IT needs. Cynexlink provides efficient solutions to IT challenges, ranging from broadband and server hosting to cybersecurity threat monitoring and consultations, through assessments, diagnosis, planning and management, at all business levels.

“Cynexlink prides itself on being a one-stop-shop for all business IT needs and through PartnerLink we are able to boost our 24-hour cybersecurity threat monitoring, providing our clients with the solutions to assess, diagnose and prevent their security threats at every business level,” commented Ayman Totounji, CEO at Cynexlink. “We’re looking forward to driving new sales opportunities while building strong relationships within the partner community.”

The benefits of participating in PartnerLink include enablement, marketing and sales support to accelerate growth and help expand security portfolios—further positioning businesses as trusted advisors to customers. Enablement benefits help partners through a partner community, product demo environment and training, and support privileges. Channel marketing, joint planning, and customer leads and success stories, aimed at increasing awareness and demand, are offered marketing benefits. On the sales side, tactics to increase sales and success, such as joint business planning, sales accreditation training, and sales briefings are available to partners.

To join the SecureLink Partner Program, visit the SecureLink Partner page or contact partners@securelink.com to find out more information.


Cynexlink Clients are Safe from the Kaseya Hack


Many of you may have read over the weekend that an IT infrastructure management company called Kaseya was successfully breached by a ransomware hack. This event potentially impacted thousands of companies because their IT managers – MSPs like us – used that Kaseya tool to monitor their clients’ networks.

All Cynexlink clients should take comfort in knowing this: you have ZERO exposure to this event.

Note: if you are visiting our site for the first time, your current MSP uses Kaseya VSA and you are looking to make a change, the quickest way is by contacting us here. We have created a special offer for Kaseya clients and we will reply immediately to help your organization chart a rapid path to IT safety.

The article below provides a quick background on what Kaseya does and why this breach is potentially so far-reaching, as well as why we weren’t completely stunned by news of this breach.

Who & What is Kaseya?

All Managed Service Providers (MSPs) like Cynexlink use various software solutions to manage and monitor their clients’ networks for patching, operating system status, data backup, email spam protection and much more.

The primary monitoring software used by companies like ours is an RMM solution, which stands for Remote Monitoring and Management. Such a tool helps provide us visibility at scale, reporting, automation, efficiency and more. While an RMM solution is merely one tool in the toolbelt of an IT solutions provider like us, it serves as the heartbeat of the MSP’s tech stack.

Kaseya’s RMM product, which they call VSA, is what was breached. This means that not only were all of Kaseya’s MSP clients put at risk, so too were all the end clients of those MSPs! Initial reports said 200 companies were impacted by this breach; we will be very surprised if that figure doesn’t end up far higher when the dust settles.

Familiar names of RMM solution providers include smaller companies like NinjaRMM, N-Able and Atera, while the two biggest, most credible players are ConnectWise and Datto. We use Datto because their RMM tool, Autotask, is our industry’s gold standard.

Kaseya’s Place in the IT Universe

Kaseya has been working feverishly to move up into the top-tier IT provider category alongside Datto and ConnectWise, which is why it attracted so much private equity interest a couple years ago.

Behind the scenes, there has been a ton of consolidation in our industry over the last few years, and it has centered on these RMM tools – either as acquirers or acquirees – driven by economies of scale. By adding firewall management, backup and recovery, cybersecurity tools and more to an RMM under one roof, the potential for growth is staggering. This is why Kaseya has raised over $500MM over the last 2+ years — to grab a piece of that market.

The path to providing more and more IT solutions beyond the RMM tool comes down to a choice between building it and buying it. Kaseya chose to raise money and buy.

With all that fresh PE money, Kaseya went on a torrid acquisition spree, buying backup providers, cybersecurity companies, anti-phishing solutions, network assessment programs and more. The management challenge with such consolidation plays, however, is huge: not only do company cultures have to be merged, so do all the business units, product features and technologies used. In such a growth-first environment, key details can be missed without any ill intent whatsoever.

Indeed, our team spends more than 500 hours per year in training and product review sessions in order to stay up on the latest technology and cybersecurity solutions for our clients. When a new, better tool comes along in a category, it gets added to our tech stack and the previous leader gets the boot… being able to monitor IT advancements is one of the big advantages of hiring a firm like ours.

As part of our ongoing IT vetting process, we have assessed a number of Kaseya products in the last couple of years. Without being too specific, since we don’t want to drive the stiletto too hard at this moment in time, there were definitely some warning signs that key details were being missed.

Massive Business Challenges Remain

It will be interesting to see how Kaseya simply survives this high-profile event.

In the short-term, there is the issue of the $70 million ransom the hackers are demanding to release the stolen data.

Next, every MSP client of Kaseya must be exploring a move to a competitor this morning, but a systemic transfer of that kind is no overnight project. If those MSPs don’t move, however, their end clients will wonder how their IT provider can stay put — or how they can continue to work with, and have confidence in, an MSP that won’t leave Kaseya.

Maybe all of this can be fixed with a little P.R. and a lot more of what matters — actual cybersecurity investment and restructuring. Only time will tell.

For those end clients who don’t want to wait and need help getting away from Kaseya, contact us not only for a special offer for Kaseya clients only, but also for a simple 3-step, 3-week plan to provide a port in a storm for your network and data.


Four Simple Cybersecurity Fundamentals


You hear statistics like this all the time: last year, the cost of the average data breach was $3.86 million. Furthermore, by the end of 2021, worldwide cybercrime costs will hit $6 trillion annually.

Both figures are true but seem so large they’re actually hard to relate to. That said, we can say from experiencing panicked inbound calls from prospective clients who have been hit by ransomware: hackers target businesses of all sizes.

Why? It’s just a numbers game. The evidence shows that 95% of cybersecurity breaches are caused by human error, so attackers probe and probe, looking for the easiest prey, usually through some form of email scam.

Hit a small business for five grand here, a larger one for $150k there… pretty soon you’re talking about real money, as the saying goes.

Because most cybersecurity breaches happen due to an organization’s own negligence or carelessness, be sure you are following these tips – at minimum – to protect your data from cybersecurity attacks:

  1. Keep Your Tools Updated

It is imperative to always install security/antivirus/anti-malware software on your system. It is all the more important to install software updates for your applications, programs, and operating system. The best way to stay updated is to have IT experts like us manage patches and system updates, white labeling them and ensuring they work as intended before installing. If you don’t have such IT support, however, then turn on automatic updates whenever possible. Also, make sure to keep browser plug-ins up to date and use safe web browsers that get automatic and frequent security updates such as Firefox and Chrome.

  2. Password Management

It’s convenient and easy to use the same password across all your subscriptions. Unfortunately, it is also convenient for the hacker to steal your data – breach one system and they’ve breached them all. A password manager generates unique, encrypted passwords for each of your logins and enters credentials automatically. Tools like Keeper and LastPass are such simple and elegant solutions, we can’t understand why everyone doesn’t use them.

  3. Learn to Spot Suspicious Emails

Most understand the need to be vigilant and suspicious of any official looking email that demands bank details or other personal information. To help employees learn how to avoid and report such emails and calls immediately, companies should strongly consider ongoing anti-phishing training. Since email remains the primary threat vector, this inexpensive solution offers perhaps the greatest ROI of all cybersecurity investments.

  4. Never Leave Devices Unattended

Physical security is as important for your network as technical security. When in public settings, encourage employees to lock their devices before leaving them even for a short period of time. Also, create org-wide screen timeout defaults, lock your server room and provide employees with lockable desk drawers as well. Good cybersecurity requires a cultural focus.

Cybersecurity does not refer to any single solution (anti-virus, firewall, etc.); it is achieved through layers of protection that are meant to frustrate cyber criminals and encourage them to go elsewhere.

While there are many more complex tools and solutions that help protect larger organizations, businesses of all sizes should be practicing the core fundamentals outlined above if they want to avoid becoming one of the statistics.


WHY SD-WAN IS IMPORTANT FOR YOUR BUSINESS IN 2021


As today’s businesses have done their best to embrace the newest solutions in an ever-changing technology landscape, it has become clear that conventional network architecture can’t always support the workloads and complexities of the latest digital initiatives.

Here comes SD-WAN.

SD-WAN stands for the software-defined WAN (Wide Area Network). It is a virtual WAN architecture that allows for any combination of networking services such as LTE, MPLS and broadband internet services. It acts as a centralized control function to direct traffic across the WAN.

SD-WAN can help minimize overhead costs while increasing network performance, as well. It also offers flexibility to access multi-cloud services. This advanced technology not only streamlines network management but also ensures several real-world business advantages. Here are a few:

Managing Connection Options

With SD-WAN technology, organizations can create a single network infrastructure that can handle several connection types such as MPLS, broadband or cellular connections.

In addition, SD-WAN can also facilitate the cable or wireless connection between the branch office and data centers.

And when there is a need to connect more remote locations to the network, the connection can be spun up quickly and more easily.

SD-WAN technology eliminates the need of installing expensive routing hardware. Instead, it provisions connectivity from a single location, such as the cloud or headquarters. It also ensures improved flexibility, letting you scale connectivity down and up as per your requirements.

Improving Performance

Not all network traffic carries the same importance to the organization. To answer this reality, companies can configure SD-WAN to prioritize network traffic components, ensuring that vital traffic like VoIP always has the bandwidth and is configured to run over the most reliable route at any point in time.

By delivering important applications through dependable, high-performance connections, you can minimize packet loss and latency concerns, improving productivity and keeping frustration at bay.

SD-WAN also increases IT efficiency at your other business locations as it enables automation and establishes dependable links for IoT projects.

Reducing WAN Costs

MPLS bandwidth is significantly more expensive than public internet bandwidth. However, the costs of MPLS aren’t just an outcome of significantly higher bandwidth charges. Installing an MPLS link can take a huge amount of time, whereas a properly configured SD-WAN installation can be completed in a very short period of time – and additional locations added with just a few clicks!

Time is money for all businesses and eliminating the WAN as a bottleneck can help give a big competitive advantage. SD-WAN can minimize ongoing operating expenses by switching from costly MPLS lines to commodity broadband like cable, DSL, fiber, and even mobile technologies.

Increasing WAN Agility

MPLS wasn’t made with agility in mind. But that’s not the case with SD-WAN, which was designed to maximize agility and flexibility.

By eliminating the hidden complexities of multiple transport systems and allowing for performance-based routing (PBR), SD-WAN lets enterprises meet the unique demands of cloud workloads. As noted above, the installation of MPLS can take a huge amount of time. With SD-WAN, the installation at new sites can be done within hours or days.

Likewise, it takes nearly a month to add bandwidth in many MPLS applications, while SD-WAN enables quick bandwidth provisioning at all sites.

Supporting Edge Computing

Another advantage is that SD-WAN can support Edge computing.

Edge computing is a distributed computing technology to deliver computation and data storage to the location where it is needed, which improves response times and conserves bandwidth usage.

With SD-WAN, important data at the edge can be kept at the branch office network—and less important data can be shifted to the cloud. This way, it leads to reduced latency, lower bandwidth usage, and improved reliability.

To learn more about how SD-WAN might improve your business operations while saving you money, as well, contact us for a 1-on-1 demo.


Top 5 Cybersecurity threats for a business


The “Global Risks Report” by the World Economic Forum puts the chance of nabbing and prosecuting a cybercriminal at 0.05%. Moreover, global losses from cybercrime were more than $1 trillion in 2020 alone. Taken together, these two figures show that resilience and business awareness are the key to avoiding security breaches and securing sensitive data.

With the increasing level of remote and work-from-home jobs, the sophistication and intensity of cyber threats are also increasing. Below, we are sharing the 5 most damaging cybersecurity threats for businesses and enterprises in 2021:

  1. DDoS Attacks

Last year, nearly 10 million DDoS attacks were attempted, with the loss per hour of service reaching as much as $100,000. Hackers use previously compromised devices to build the botnet required for a coordinated DDoS attack. Every such machine, which has been compromised by hacking or malware, can be used to perform criminal activity while the owner of the machine is completely unaware that it is happening.

It used to be that web traffic was targeted using this method. But now, artificial intelligence (AI) is being used by cybercriminals to perform DDoS attacks. While it seems to be a poison, AI can also become the cure for preventing and eliminating DDoS attacks.

  2. Cloud Computing Loopholes

To target cloud computing systems, hackers look to exploit servers with weak passwords and unpatched systems by performing brute-force attacks with the aim of accessing stored user accounts. They can also steal other sensitive data or plant ransomware in the system. There have also been instances of cloud systems being used to coordinate DDoS attacks or to perform cryptojacking. To avoid the compromise of cloud systems and make them more secure, proper attention should be paid to cloud storage configuration, end-user actions on cloud devices, and the security of application programming interfaces (APIs).

  3. Third-Party Software

Today, there is no independent stand-alone digital system that can function by itself. Most organizations employ the services of one or more third-party tools. Some of these tools have at least one critical vulnerability. If exposed to hackers, it can open a gateway to a host of other domains. In 2020, third-party breaches affected some of the biggest global brands such as Instagram, General Electric, and Spotify.

  4. Ransomware

Ransomware is a program that encrypts the data on the affected system and then demands payment to release the infected data. In 2020, the cumulative sum of demands generated by ransomware was more than $1.4 billion. Some of the most recent cases of ransomware causing a ruckus include the compromise of research data on Covid-19 at The University of California, and the attack on a German hospital where cybercriminals disabled its patient care systems, which even resulted in the death of a patient undergoing treatment at the hospital.

  5. Social Engineering

Social engineering attacks manipulate human psychology to attain the specific goals for hacking a system. Phishing emails, scareware, and quid pro quo are some of the techniques used in social engineering attacks.

Zero Standing Privileges can be implemented by enterprises and organizations to prevent social engineering attacks. If zero standing privileges are implemented, a user will be granted access privilege only for a particular task, and the privilege will last only for the time required to complete that task. In this case, even if the credentials are compromised, hackers won’t be able to access sensitive data and internal systems.

Covid-19 has transformed our workplaces and these transformations are here to stay, along with the increasing cyber threats faced by enterprises. Cybersecurity teams at businesses will have to develop strong and robust policies to respond to the threat arising out of cybersecurity challenges.


Why Employees are the Weakest Link in Your Cybersecurity Business


When many business leaders consider the security of their operation, the first things that come to mind are locks on the doors, proper outdoor lighting, and perhaps a security guard on-site. Then they begin to look inward and consider their cybersecurity. Toward that end, they invest in the latest and greatest firewalls, antivirus, anti-malware, firmware, and other software fixes while overlooking the most important aspect of their security integrity: their employees. Why are employees your greatest cybersecurity threat and what are you to do about it?

The very nature of human beings with their curiosity and need for stimulation, information, and novelty makes them the prime target for hackers who want to infiltrate your business network and its data.

Therefore, the full buy-in of the company security endeavors will require an alliance between IT, which should understand your operating needs, and HR, which should comprehend the foibles and psychology of human beings that can make them gateways to cyberattacks.


It is simply not good enough that your employees remember to update passwords regularly; they need to understand how a hacked company system affects them directly. To this end, your IT team should work with HR to develop training that garners staff support for the security processes that need to be implemented.

Here are a few of the issues this composite team needs to address:

Impact on the Company of Down Time and Security Breaches

Explain in the clearest terms how downtime in the company network affects everyone. Use examples such as Ransomware or Spear Phishing attacks or other situations in which your business could lose data or computer access – thus affecting the ability of your company to remain in operation and therefore to employ people!

Lack of Awareness

Simple though it may sound, regular training and reiteration of concepts like having strong passwords, proper storage of customer information, use of locking drawers or file cabinets, how the company uses multi-factor authentication, and data access principles should be ongoing practices.

In addition, all personnel should know how to properly dispose of drives, reports, etc. when they are no longer pertinent. Last here is the need to inform employees of the importance of system/software updates for both company equipment and approved BYOD mobile phones and other devices, as well.

Hazards of Using Unsecured Networks

This is particularly problematic with BYOD environments including commuting vehicles (e.g., the train and subway), cafés, etc. which are typically unsecured networks. Your employees need to be aware that all online activity conducted on such networks can be visible, putting devices and sensitive company information in peril.

To minimize this risk, explain the difference between using HTTP and HTTPS prefixed sites – the latter carries encryption protocols – on any device (laptop, smartphone, etc.) used for work-related activities and help them to understand which work is best left to be performed in the office on company secured devices.

Another off-site peril comes from Juice jacking (stealing data by monitoring public charging stations) in which a hacked wireless charging port can allow cybercriminals to record what is being written or watched on a device as well as download programs to said device.

Personnel who frequently work outside the office should be trained to understand the risks of using public access networks and a few means of minimizing same, such as plugging into an electrical outlet or using their own power bank, having different passwords for each app and device they use, and waiting to perform personal interactions until at home and only installing apps from official marketplaces.

Best, have them use a VPN (Virtual Private Network) set up by your IT team that provides for encryption of data moving between them and any end-user whether they are at home, traveling, or otherwise working outside the office.

IoT (Internet of Things): a Door to System Access

With the growing complexity of the business operating environment, you may find you have manufacturing equipment as well as simple office equipment such as printers connected wirelessly to your server. These additional pathways offer opportunities for an employee to involuntarily undermine your security by tapping into equipment not meant to be part of their peripherals.

In order to minimize this risk, have your IT team set up not only different passwords for this equipment but different router levels, as well, which prevents certain devices from ever ‘seeing’ other devices they shouldn’t. Turning off equipment when not in use will help to mitigate cross-system access as well.

These steps can also help prevent an unintended internally produced Denial of Service (DoS) attack or Distributed Denial of Service Attack (DDoS) in which equipment or websites crash from an overload of demand.

Don’t forget, your IT team consists of all your employees. To this end, think about the cybersecurity culture you want to create. For instance, have your IT team start broadly sharing new concepts learned at trade events, which can keep lines of communication open between departments and can help your staff understand new threats and preventive actions they can take before your business is targeted.

In addition, savvy IT members don’t put all their eggs in one basket; they may like vendor X who provides software X and has worked with them for years but they stay aware of the news of failures of this protective service and are willing to jump ship to vendor Y if that is in the best interest of your company.

Better, working with an outside company, in addition to your in-house staff, who is not a single service provider and whose sole interest is in being knowledgeable about multiple software security tools, techniques and processes and is willing to embrace your company’s unique business protection requirements can be a valuable asset.

Finally, keep in mind that a disgruntled employee with any system access can pose a threat to your business (e.g., copying trademarked or other business-sensitive information for purposes of corporate espionage), and containing them is the territory of HR. However, a coordinated effort between your employees and IT, with the help of training developed actively with HR, will strengthen the personnel link in your cybersecurity chain, in addition to bringing added value to your employee morale due to your consideration of their need to understand, so that they are able to actively participate in protecting your company and their jobs.

Be safe out there!


Does Cyber Threat Hurt My Business Reputation?


I hope everybody is doing well and staying safe.

Holidays are around the corner.

Here I want to share a good question asked by a friend of mine.

He asked if the cyber threat can hurt his business reputation. Although I am familiar with the outcomes of cyber-attack, this concern is something I found worth sharing.

This is also important as a lot of people ignore the severity of cyber-attacks. They don’t have essential measures in place to protect their data.

Cyber-attacks not only threaten their data but also hurt their business reputation.

Living in a digital landscape where data is stored virtually has become a common practice.

Basically, if we don’t protect our data and we don’t have essential cybersecurity strategies in place, we are simply opening a big gate for threat actors.

As we’re looking at that advanced technology, we need to keep in mind that we definitely need to think about cybersecurity besides our marketing and our sales efforts.

Many businesses lack a budget for cybersecurity. Not getting serious about cybersecurity means you are just building a lot of fears that can be made true by one single cyber-attack incident.

Needless to say, it can bring your business down as well as its reputation. When your clients come to know about this, they are more likely to refrain from doing business with you. That’s why it is a serious issue.

Not All Cybersecurity Tools Can Work in the Future

We have an antivirus program for example, and we do have an anti-phishing program and it works.

But the program that did work yesterday does not work today.

Technology is advancing on a daily basis and threat actors are scanning everybody. They’re looking for the security loopholes and vulnerabilities through which they can access your network and access your data.

So basically, if you have an outdated antivirus that used to work, it probably is not going to work today. So you need to have a vision for the future; you need to always look at your business. You need to look at this. Okay.

Bottom Line:

Make sure to protect your assets and data. That takes investing in the right tools as well as securing a little budget for security.

Setting aside a little budget for your cybersecurity might disturb your finances. But it won’t be anything compared to the expenditure you make to bring your business back after a cyber-attack. Cyber-attacks lead to the loss of money and reputation as well. It means that you are losing your customers’ trust and hurting your business.

It is equally important to train your employees in cybersecurity. After all, they are the largest security vulnerability despite having the best security tool. They can visit malicious links, exposing your information to cybercriminals.

They can use infected devices that can inject the virus into your systems. And above all, they can pose an insider threat or your ex-employee can sell your information to your competitor. Conducting regular cybersecurity workshops is also an effective way to keep your staff educated on cybersecurity.

If you are a small enterprise, you can organize these events together with other local small businesses. Moreover, organizing cybersecurity workshops for your clients can be a great branding opportunity.

Therefore, invest in cybersecurity tools as well as cybersecurity training, which you can do right now to consolidate your data security.

I hope this information helps. Thanks for reading. Take care. Signing off!


Raccoon Malware: A Threat to Cybersecurity


As if you didn’t have enough difficulty maintaining your cybersecurity, now there is a masked bandit on the loose – for a fee!

Raccoon (a.k.a. Mohazo, Revealer and Legion) malware appeared out of the former USSR in early 2019, is still very active, is available on the dark web for approximately $200 per month, and has a development team which not only creates frequent updates (such as the ability to steal FTP server credentials) but which responds to user requests for enhancements (e.g., keylogger as a possible upcoming feature). The ease of use via a simple dashboard and excellent customer service, if you can believe that, make this malware a long-term threat to your information systems. Unfortunately, its popularity with hackers appears to remain quite steady.

What does Raccoon do? It is an information stealer operating under a MaaS (Malware-as-a-Service) model. Creeping in through phishing and other attack modes, it is able to steal data from up to sixty (60) applications, including the leading web browsers.

It has also been used to access cryptocurrency, credit card and e-mail accounts, plus other applications through which data is gathered in order to perpetrate financial and identity fraud against victims. Once the desired information has been accessed, whether it be screenshots, OS data, system settings, or simply the usernames and passwords from various browsers and activities, the data is sent by zip file to the hacker. This ease of use has created over 100,000 infected devices since even the non-tech savvy can operate this malware.

As noted above, Raccoon often arrives through phishing scams, which can take many forms. It can be deployed within attachments to e-mail spam, a Dropbox .IMG file or even as “bundled malware” wherein it is attached as a rider to a legitimate software download. However, the most popular distribution vehicle for this software is the use of exploit kits, which can deliver the malware without the user’s knowledge while the user does something as routine as surfing the web.

What if your company gets attacked by Raccoon Malware?

If by any chance your company gets attacked by Raccoon malware, what happens then? Relax! There are recovery steps that you can take to eliminate this virus.

First, you need to isolate the affected device. Any suspected device, whether or not it is connected to other devices, needs to be disconnected completely, and then an IT specialist needs to be contacted to remove the malware completely.

Secondly, every good IT specialist advises having a backup and recovery plan for these grave situations. If, by chance, your company has failed to do so, then you need to make sure that none of the information of the company or the companies connected with your devices has been compromised. The affected companies should be contacted and advised to change their credentials.

Lastly, the best solution is to contact an IT specialist ASAP to resolve the whole matter, as they have the expertise to protect your company from these threats!

How can your IT personnel work to protect your company and resources from this threat?

As usual, the emphasis on employee awareness of the need to protect company assets by not opening suspicious content (including malvertisements which may occur on legitimate sites) must be paramount. Training staff to recognize and resist social engineering lures which attempt to bait those clicks is also necessary.

In addition, the BYOD/T (Bring Your Own Device/Technology) environments which allow employees to use their own software, hardware, and/or cloud storage may create a Shadow IT situation which opens your business to these attacks. Your entire IT team, and especially the IT security group, should be aware of this possibility and be active in using up-to-date firewalls and other pertinent software to diminish unauthorized accessing of your systems. For remote employees, your IT team should install on their devices the same antivirus, anti-malware and other safety software as is used by the business at large. Employees using hardware or software not recognized by the protocols implemented by IT should not be allowed system access.

Finally, since Raccoon also scans the caches created by browsers and apps as well as broken downloads, recent files, and other junk that is problematic or infrequently used, a proper repair tool that can sort through and delete these items is essential.

Never forget, your team’s knowledge and skill is an invaluable part of safeguarding your data and business. Proper use of antivirus, anti-malware and other tools to search for and destroy these types of programs is essential. Moreover, they must understand that these threats, especially the ever-adapting Raccoon, require constant vigilance; ongoing cybersecurity training meant to thwart those who seek to wreak havoc within your business is vital to your security and peace of mind.

Be aware and take care!


5 Applications of Virtual Machines


The word application is everywhere these days, typically shortened to “app,” particularly when one speaks of a mobile technology solution.  You have a weather app on your phone that allows you to dial up the weather anywhere in just an instant, another in your car to help you navigate to new locales, etcetera.

These specifically designed applications of technology serve you well, but when it comes to creating a virtual machine (VM), the difference is that you are creating an application in the older sense of the word. Per Merriam-Webster, an application is: “an act of administering or laying one thing on another”. When applying a virtual machine (or machines) onto your business computing system, you are not necessarily seeking to create one specific new computing application but an overlay which will be used to enhance your overall system and so produce an environment that will serve your company and its employees better.

Given below are a few of the common benefits of Virtual Machines for organizations who use them:

The multiplicity of Operating Systems

A Virtual Machine enables the running of operating systems (OS) that would not normally be compatible with your host system (e.g., Windows on a Mac or an Apple overlay on a Linux configuration).  By simulating multiple computer systems from one console users are able to toggle amongst systems and displays from a single workstation. Thus VMs provide the experience of using multiple computers at the same time; ideal for creating complex servers with multisystem needs.   An added advantage of this type of overlay is that users who are comfortable with one OS, perhaps an older non-supported version of Windows, can have their preference available, regardless of the overall company OS, thus aiding them to work efficiently.

Reduced Overhead

Overhead comes in many forms: salaries, benefits, hardware purchases, software licensing, etc. The ability to run multiple OS on a single piece of hardware reduces the need for office machinery as well as its upkeep and operational costs (say a utility bill for electricity to power and cool the machinery).  Fewer physical servers due to running more systems on each one also reduce costs via a reduction in floor space required!

Safety Net for Data – Rapid Disaster Recovery and Auto Backups

Since virtual machines are set up using a hypervisor (a piece of hardware, firmware, or software that creates your virtual machines, allocates resources to them, and then manages them) or similar technology which creates a layer between your physical computer and your virtual machine, the various systems remain entirely separate from each other; this adds an important layer of security to your operations which can help prevent faulty applications or corrupted files from infecting your host machine. For example, if you download a corrupted or infected file on your Virtual Machine, the hypervisor will prevent the file from getting to your host machine.

In addition, since Virtual Machines make regular copies/snapshots of their operations history, there is little risk of data loss, making for a highly effective disaster recovery solution, as these copies can be revisited as necessary or, in more severe recovery scenarios, moved to another device. Further, the negligible hardware overhead of your virtual environment poses a lower risk of system failure to your server in the first place. Finally, a Virtual Machine set-up allows you to test various applications while you determine what works best for your business needs during development.

Scalability

Since the physical space for, as well as the maintenance costs of, additional hardware are not a factor in a Virtual Machine environment, your company and its systems can grow and change more easily. Virtual Machines enable you to add and remove applications with no physical overhead, so that an expanding virtual infrastructure doesn’t require complex budgets for hardware resources. This simulated hardware is a flexible solution to an expanding company server, with multi-application, multi-user needs.

Centralization

The use of virtual machine environments can allow for the consolidation and more efficient management of your IT needs via a single console with commercially available Virtual Machine software helping to monitor all of your systems, applications, and OSs from a single dashboard. Additionally, use of a Virtual Machine performance monitoring tool to collect data and metrics for your network on a regular basis can help to ensure the system is functioning well and there are no impending issues. With proper centralization and monitoring you will be able to track trends (such as which Virtual Machines are consistently reaching resource limits), more effectively approach capacity planning and disk space usage as well as flag any VMs regularly experiencing crashes, delays, or application issues.

Before we conclude, note needs to be made of a special virtue of the flexibility of Virtual Machines, one highlighting many of the benefits noted above, which is their usefulness for Software Development and Testing. Testing in-development software is enhanced as applications can be installed on the Virtual Machine and then reset to a saved state whenever needed. Also, if you are trying out a new application and aren’t sure how it will perform under certain conditions, you can test it on a virtual machine and then reset it to a particular state if it crashes or you want to try something new. This is a definite advantage as doing this on a physical machine may leave you with unexpected crashes and issues even after you uninstall the test software. The isolation from the host OS of the test software on a virtual machine creates a much safer test environment. Plus, you can determine whether an application you are developing works well on all OSs or has bugs in some operating systems but not others.

As always, knowledgeable IT personnel can help you determine which hypervisor is best for your Virtual Machine needs, what type of Virtual Machine to create, how to optimize performance and maintain or increase network speed via proper resource allocation, how to reduce background applications, and which configurations are best for differing users. Use of proper monitoring tools can also enable your personnel to track network traffic and user experience to help prevent bottlenecks, maintain efficiency, and prevent frustration. A well developed Virtual Machine is not just an efficient means of keeping abreast of changing business and IT needs but a thing of beauty.

Plan well and enjoy your new computing environment(s)!


Cybersecurity vs Information Security: What are the differences?


Cybersecurity vs Information Security. I hear you thinking… What! I thought cybersecurity WAS information security! Well, yes, and no. Let us start with a detailed definition or two.

Cybersecurity vs Information Security

Cybersecurity protects from attacks via cyberspace (that nebulous entity we have all created to work and play in via our technological devices and linkages).  This form of security covers your computers, smart phones, laptops, and other hardware as well as the means of accessing, linking, and communicating through them (think LANs, the internet).

Cybersecurity attacks may target a website your company keeps but are more likely to target the data your company stores and uses to run your business.  This is why information security is important to understand.

Information security concerns itself with the actual raw data your company collects (such as a field requiring a date: MM/DD/YYYY) and the information derived from that data (e.g., a DOB versus a policy renewal date).  This information may be stored digitally (say on a server via the cloud), in an analog format (think about forms or photos in a file cabinet), or both (perhaps a thumbnail drive within a desk drawer).

It is the job of the information security staff to work with a company’s leaders to define and understand what data is most necessary to the successful completion of business tasks and how, in whatever format it exists, it should be protected.

Concerns with Information Security

The primary concerns of information security regarding data are: integrity, confidentiality, and availability.

Integrity – guarding against the improper or accidental modification or destruction of data.

Integrity can be maintained by making sure only permitted persons may edit, modify, delete, or destroy (e.g., shred aged documents) data. It also includes ensuring authenticity (i.e., being able to verify the identification of a person or process) and nonrepudiation (making sure a sent message or signed document cannot be disputed).

Examples of integrity loss would be analog information not properly protected from environmental conditions (fire, flood, etc.) and so damaged beyond use or digital information improperly transferred or changed without approval.

Confidentiality – reserving access to data – think “need to know” – by preserving authorized restrictions to access and disclosure.

This is especially important for personally identifiable information (PII – such as social security and credit card numbers) and protected health information (PHI).

Here, again, restricting access to those who need the information to perform their job duties is important to protecting information content privacy.

A breach of confidentiality may be brought about by human error, intentional sharing of data, malicious entry, etc.

Availability – ensuring that access and use of data is timely and reliable.

Availability is maintained through continuity and functionality of access procedures, backup or duplication of information, and maintenance of hardware and network connections so that data is accessible when needed by the users for daily applications and for business decisions.

As with integrity, a loss of availability can occur when networks are damaged due to natural disasters; or when client devices fail.

In addition, your Information Security personnel should be aware of the many legal and regulatory requirements (like NIST, GDPR [European Union law], HIPAA, and FERPA) of your industry that affect the company’s information security requirements and be able to develop and disseminate guidelines which inform employees on how to protect business sensitive information throughout their work cycle as pertinent to said guidelines.

As you can see, your data damage prevention/recovery and threat mitigation processes will span the information security and cybersecurity assignments making it essential for personnel from both teams to understand the needs of the other and work closely to develop protection protocols for your sensitive business information.

Therefore, with the alignment of your cyber and information security teams, employees can be trained in the whys and hows of information protection and be helped to understand how conscientious application of developed procedures – whether usually considered as pertinent to cybersecurity (e.g., strong passwords, multi-factor authentication), essential to information security (such as who is responsible for safeguarding sensitive physical material in an emergency), or both (whom to make a report to regarding suspicious activity, keeping mobile devices under lock and key when not in use) – creates a safer environment for your critical and sensitive business data and aids in keeping your business up and running.


Remember, one cannot have information security without having cybersecurity but cybersecurity has no true value without an understanding of the information to be secured.  And though information security covers digital data in cyberspace it must not forget the analog data lying around the company.

Plan well and take care!
