Satellites Are A Wide-Open Channel For Hackers

The recent Black Hat 2020 Conference went virtual this year, like other major conferences.

The industry-recognized information security event ran August 1-6, 2020 and featured a combination of training, briefings, and keynote speakers.

One keynote speaker, an academic researcher and Oxford doctoral candidate, brought to light some alarming information about how widely accessible eavesdropping attacks have become.

James Pavur spoke about gaps in the communications streaming process created by wide coverage areas.

It turns out that conversations that take place in your home may be open to any prying ear with just a mere $300 in equipment costs needed to gain access.

Satellite communication equipment can be used by attackers from across the globe because of the wide geographical area a satellite link covers. While outgoing connections from a user to a satellite take place through a narrow channel of communication, the reverse downlink between the satellite and the user is a broadcast transmission that is more susceptible to interception.

Pavur demonstrated the process of tuning into channels with a low-cost satellite dish, an easy piece of equipment to acquire second hand. He explained that when paired with a PCIe satellite tuner card and satellite locator software like EPS Pro, hackers could easily identify vulnerabilities.

This is startling news for the average consumer, but the implications of these capabilities are far-reaching for many industries that rely on satellite ISPs in areas where terrestrial communications are insufficient.

Industries that rely on satellite communication like aviation, oil, and cruise lines are particularly vulnerable. In fact, Pavur cited one example that could give hackers access to the same information your internet service provider sees.

“Imagine a cruise line that has a bunch of Windows devices aboard its ships. This Windows local area network with all that internal LDAP traffic and SDP traffic will be broadcast over the satellite link, giving an eavesdropper perspective from behind the firewall.”

What can businesses do to guard against attack via satellite?

With the presence of commercial satellites increasing, it has become more and more important for businesses to prioritize defending themselves against unwanted access. The first step in this direction is to create and maintain a cybersecurity policy within your organization. Whether your plan consists of in-house IT management or outsourcing, it’s important to have a dedicated team that handles cybersecurity needs.

That team should address the following security needs:

  • Utilize secure tunneling to protect sensitive information
  • Adhere to strong encryption practices for all transmitted data
  • Implement stronger authentication requirements

The attack surface for hackers seems to be expanding at a rate that is difficult for many businesses to keep up with. We’re happy to audit your current cybersecurity system.

Schedule a consultation today with a Starfish Computer specialist!

Here’s Why You Should be Very Worried About the Garmin Hack

Do you wear a smartwatch or other wearable devices? Do you track your health and fitness activities? Do you rely on navigation while driving your car or, perhaps, while you’re out sailing?

If the answer is yes, you should definitely be very worried about the implications of the recent cyber attack on Garmin, the global leader in GPS navigation technology and communication devices, not just for the fitness industry, but for the automotive, marine, aviation, and outdoor markets as well.

On July 23, the company published a vague update on their official Twitter profile:

“We are currently experiencing an outage that affects Garmin Connect, and as a result, the Garmin Connect website and mobile app are down at this time. (1/2)

This outage also affects our call centers, and we are currently unable to receive any calls, emails or online chats. We are working to resolve this issue as quickly as possible and apologize for this inconvenience. (2/2)”

After days of Garmin’s systems being down, the company issued a statement confirming the rumors that it was, in fact, hacked.  

“Garmin Ltd. was the victim of a cyber attack that encrypted some of our systems on July 23, 2020. As a result, many of our online services were interrupted including website functions, customer support, customer facing applications, and company communications. We immediately began to assess the nature of the attack and started remediation.” 

The statement that the attack had encrypted some of their systems appears to confirm the speculation that Garmin was hit by a ransomware attack, which affected a big chunk of their data.

According to BleepingComputer, the ransomware is known as WastedLocker, and is attributed to Evil Corp, a cybercriminal group believed to be constituted of Russian hackers. Evil Corp’s primary targets are US businesses and organizations. Multiple sources online report that the ransom payment was set at $10 million.

While the company confirmed that the outage had affected the Garmin Connect mobile app, website, as well as their call centers, emails and chats, BleepingComputer reports that it failed to mention that flyGarmin services used by pilots, including the flyGarmin website and app, Connext Services and Garmin Pilot Apps used to download flight plans, were also down. Furthermore, they share that the hack affected inReach satellite tech and Garmin Explore.

Considering the sensitivity of data that is collected by Garmin on a daily basis, such as GPS, health, fitness, flight plans, marine routes, and much more, and the use of Garmin’s systems not just by regular people, but entities such as the US military, cybersecurity should be taken extremely seriously by the company. Yet, it wasn’t, and it was targeted by hackers that are looking to (1) make money and (2) obtain such data, for whatever purposes. 

Despite the fact that Garmin reported that they “have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen,” the question remains whether data that is even more critical was extracted. 

Garmin may be “happy to report that many of the systems and services affected by the recent outage, are returning to operation,” but it is still not clear whether they had to pay the $10 million ransom to restore the services used by both consumers and companies worldwide.

Many Credit Unions Are Missing This Crucial First Step to Cybersecurity

You’ve probably never encountered a major security breach within your company, but that doesn’t mean that hackers don’t already have your sensitive information on the dark web.

Chances are, there are details about your company and its employees sitting in databases on hidden websites not accessible to ordinary computer users. 

This information is just waiting for the right buyer to name the right price and could consist of the following:

  • usernames and passwords
  • internal email addresses
  • employee social security numbers
  • financial credentials 

What steps has your business taken to ensure that this isn’t your company’s reality?

According to Michael Bruemmer, vice president at Experian Data Breach Resolution:

“There has never been a more important time for organizations to be equipped with the knowledge and resources needed to try to prevent and respond to a data breach.”

Experian discovered a major data breach on July 29, 2017 that had been going on for several months without the company’s awareness. That attack wasn’t the first, and subsequent cyber attacks confirmed that it would not be the last.

On July 19, 2019, Capital One discovered that the credit applications of 100 million Americans & 6 million Canadians had been compromised. Those records included credit applications submitted from 2005 through 2019.

The cyberattacks on financial institutions predictably continued into 2020 with Fifth Third Bank’s involvement in a “fraud ring” that compromised personal data of 100 customers. While admittedly not as high profile as the former examples, the problem in all cases is clear.

Each institution was forced into a reactive response that might have been avoided with heightened proactivity.

Equifax bungled its attempt to inform and protect compromised customers with a poorly functioning crisis resolution site and ill-planned responses. This was an additional hit to their credibility.

Capital One’s reaction was better organized. They contacted account owners involved in their data breach by mail within several weeks of the discovery.  No doubt this presented a tremendous drain of resources needed to correspond with affected customers. 

Similarly, when Bank of America discovered the breach on Paycheck Protection Program applicant data, they offered customers affected a free two-year identity theft protection membership through Experian. They also encouraged their clients to follow safety tips like close account monitoring for at least the next year.  

The costs may have been different in each scenario, but loss was unavoidable. The best way to avoid similar turmoil within your business is to take a proactive response to security.

It’s difficult to be certain when there are so many entry points accessible to the right hacker. A 2019 Global Data Risk report published by Varonis Data Lab found that individual employees have access to an average of 17 million files and 1.21 million folders.

Without strong security infrastructure in place, your company may be vulnerable to attack. There were 1,473 data breaches in 2019 and more than 164 million records exposed.

Address your company’s security proactively. Schedule a free dark web scan today to ensure that you and your customers aren’t the victim of the next data breach.

CRYPTOJACKING: How to Protect Yourself from Cyber Crime

With the rapid rise of cryptocurrency comes the rapid rise of cryptojacking – a form of cybercrime which entails the unauthorized use of the processing power of a person’s computer, tablet, mobile phone, or other device to mine for cryptocurrency on behalf of the hacker. Essentially, cryptojacking allows hackers to make free money by gaining access to someone else’s device with just a few lines of code.

The reason why cryptojacking is attractive to hackers is because mining for cryptocurrency is an expensive process that requires a lot of resources, such as costly computer equipment and extensive use of electricity, which brings about higher bills. In addition to that, the more machines hackers get access to, the faster they mine and create coins.

There are two types of cryptomining attacks:

  1. Cryptojacking: mining via compromised websites
  2. Malware-based cryptomining: mining via malware on a device

How does cryptojacking work?

Cryptojacking occurs when a person’s browser is used to mine cryptocurrencies without their consent. Since hackers don’t have to use malware, browser-based attacks are much easier compared to other forms of cryptomining. By infecting a single web server, hackers can subject all visitors of the websites hosted on that server to cryptojacking.

Here’s how cryptojacking happens:

  1. The hacker compromises a website with a cryptomining script, which can be included in the website, a third party ad loaded by the website, an extension or browser plugin, as well as a pop-up window
  2. The user visits a compromised website, and the cryptomining script starts working
  3. The user, thus, starts unknowingly mining cryptocurrency for the hacker
  4. The hacker receives cryptocurrency
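
For a site owner, step 1 is the place to look: an injected miner shows up as a script source nobody approved. The following is an added example, not code from the original article; it inventories the scripts and frames a page loads and flags any that come from a host outside an approved list or that lack an integrity pin. The page URL, host names, sample HTML and approved-host list are all constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


class ScriptInventory(HTMLParser):
    """Collects every external script and iframe a page would load."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.scripts = []  # (absolute URL, has integrity attribute)
        self.frames = []   # absolute URLs

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        src = attr.get("src")
        if not src:
            return
        # Resolve relative and protocol-relative ("//host/x.js") sources.
        absolute = urljoin(self.page_url, src)
        if tag == "script":
            self.scripts.append((absolute, bool(attr.get("integrity"))))
        elif tag == "iframe":
            self.frames.append(absolute)


def audit_page(page_url, html, approved_hosts):
    """Return (finding, url) pairs for loads the site owner did not approve."""
    inventory = ScriptInventory(page_url)
    inventory.feed(html)
    own_host = urlparse(page_url).hostname
    findings = []
    for url, pinned in inventory.scripts:
        host = urlparse(url).hostname
        if host == own_host:
            continue  # first-party file; compare against a deploy hash instead
        if host not in approved_hosts:
            findings.append(("unexpected-host", url))
        elif not pinned:
            # Approved host, but its content can change without notice.
            findings.append(("no-integrity", url))
    for url in inventory.frames:
        host = urlparse(url).hostname
        if host != own_host and host not in approved_hosts:
            findings.append(("unexpected-frame", url))
    return findings


# Constructed sample page: one first-party script, one pinned CDN script,
# one unpinned CDN script, one script from a host nobody approved, one ad frame.
SAMPLE_URL = "https://shop.example.test/"
SAMPLE_HTML = """
<html><head>
<script src="/js/app.js"></script>
<script src="https://cdn.example.test/lib.min.js"
        integrity="sha384-CONSTRUCTED" crossorigin="anonymous"></script>
<script src="https://cdn.example.test/widgets.js"></script>
<script src="//static.miner-pool.example/m.js"></script>
</head><body>
<iframe src="https://ads.example.test/slot1"></iframe>
</body></html>
"""
APPROVED_HOSTS = {"cdn.example.test", "ads.example.test"}

if __name__ == "__main__":
    for finding, url in audit_page(SAMPLE_URL, SAMPLE_HTML, APPROVED_HOSTS):
        print(f"{finding:16} {url}")
```

Run against the pages a site actually serves, this only sees scripts present in the delivered HTML; scripts that an approved ad frame loads inside itself are outside its view.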

What happens to the device used for cryptojacking?

While the cryptojacking script is running, the user will notice a very high graphics card and/or CPU usage level. The device will start overheating and running slower than usual, and the battery levels will drain faster.

How to know if your device is being used for cryptojacking?

Check the Windows Task Manager on a Windows device and/or the Macintosh Activity Monitor on an Apple device, and review if there’s a substantial increase in CPU usage.

How to defend yourself against cryptojacking?

Fortunately, cryptojacking can be managed fairly easily. Here are some tips on how to protect yourself from this cryptomining form of cybercrime:

  1. Use an ad-blocker
  2. Only use browser extensions and plugins that are distributed by a trusted app store such as Google Play. In addition, check your browser extensions regularly, and remove/disable the ones that you don’t use
  3. If you notice that your device is heating up, restart the web browser
  4. Disable JavaScript and only allow trusted websites to run it

If you’re concerned about how malware could be compromising your business’s sensitive information, give us a call today! We’ll walk you through the solutions that we provide so you can be confident in your company’s security.

Data Privacy Laws: Why You Should Care

Considering the amount of personal information being shared all over the Internet on a daily basis, it comes as no surprise that Data Privacy Laws are becoming the fastest growing and most interesting part of law these days. As people share sensitive, personal information every minute of every day, the concerns about the nature of use of that information by businesses and services grow exponentially, causing a need for updates and changes to existing privacy laws both in the US and abroad.

Privacy laws used to be stricter for industries such as finance and health, but today all businesses face data protection regulations, and should take the steps necessary to be compliant with current, as well as future requirements. Moreover, businesses could face huge fines if they don’t protect the privacy of people whose information they’re collecting.

It is a known fact that businesses collect an immense amount of data on anyone that visits and uses their websites. That data can include names, addresses, phone numbers, social security numbers, data about physical appearance, information on education, work history, salary, tax ID, medical data, location data, as well as call history, messages, and much more. The problem with this is that businesses don’t stop at just collecting the data, but often fail to protect what’s collected, and sometimes even abuse the sensitive information gathered over the years. For example, a lot of businesses sell users’ data to third parties.

Regulating misuse of personal information, protecting consumers, and imposing fines are at the core of Data Privacy Laws, the most famous being the EU’s GDPR. The GDPR gives people the right to be informed about the type of data that’s being collected about them, how it’s being used by the businesses, how long it’s going to be stored, where it’s going to be shared, and more. It also gives people the right to request and access the personal data that’s being collected, the right to request a deletion of the data, the right to limit how the data is used, the right to object to certain use of data, and the right to be informed about automated decisions that affect their data.

In the US, the crucial Data Privacy Laws that businesses have to be aware of are:

HIPAA (Health Information Privacy and Portability Act) which safeguards patients’ personal health information.

GLBA (Gramm-Leach-Bliley Act) which safeguards consumers’ financial data.

CCPA (California Consumer Privacy Act), which comes into effect on January 1, 2020, gives people the right to control how companies collect and use their personal data. 

Here in Ohio, most business owners should be familiar with the Ohio Data Protection Act. The law was passed August 3, 2018 as a means of protecting both businesses and consumers from data breaches. While it is voluntary for businesses to participate, it incentivizes business owners to create and maintain a cyber security program. This program should do the following:

  1. guard against identity theft by preventing unauthorized information access
  2. anticipate and plan for any threats to security
  3. maintain the confidentiality of personal information
  4. outline technical, administrative and physical safeguards that meet or exceed cyber security expectations recognized by the industry

Put in simple terms, these privacy laws make sure that companies can’t just collect people’s personal information for the sake of collecting it. They have to have a specific, lawful purpose for gathering and processing data. Moreover, they provide a framework for protecting companies and their customers from outside security threats.

If you are interested in better aligning your business with the requirements of evolving data privacy laws, take the first step today with a call that will transform the security of your business.

Prepare for the unexpected and protect your sensitive data. Contact us to get started.

Voice Search SEO – What is it and why should you care?

None of us is exempt. We’re all staunch adherents to this modern-day phenomenon that has become a rite of passage to 21st century living: extreme multitasking. We’re expected to get more done in less time, so any means of efficiently allowing us to do so is welcomed with open arms. Enter the world of Voice Search, which has equipped average Joes (and Janes) with their own personal digital assistant, available 24 hours, 7 days a week to answer any inquiry. Voice search has gained traction due to its convenience – it can be done while users are in the middle of other important tasks such as cooking, cleaning, and driving. The potential for that is endless as consumers become increasingly aware of the number of ways that hands-free assistance can serve them in their day-to-day lives.

While the level of utilization still has significant room for growth, we’re already in the middle of a revolution that will have a huge impact on the way that consumers find businesses and how businesses are seen by those consumers. In 2016, Google told us that 20% of mobile searches for that year were voice searches. Fast forward to 2019 and audio technology has already grown more sophisticated. Comscore predicted that within the year, we will see 50 percent of searches initiated through digital assistants. 

Voice search has widened the communication channel, allowing us to search more precisely with a sense of intimacy that cannot be found in traditional typed searches. That sense of intimacy results in an entirely different framing of search phrases. In fact, in most cases, they are no longer phrases at all. We’ve transitioned into more conversational queries, often structured as questions, that require a different search engine optimization strategy from businesses. As a consumer, the rising popularity of voice technology is simply a matter of expanding convenience and accessibility. However, for businesses this technology calls for a major shift in marketing efforts.

Perhaps the most important shift businesses can make is to curate content fueled by customer interactions, with a focus on providing an answer that is within the context that your consumer is expecting. You can gain better insight into phrases they might use by observing the language they use in exchanges with your business and using that as a framework from which to build your web copy. Those observations should present you with an idea of long-tailed, intuitive keywords that can be used to create more visibility for your business. Those keywords can be included within a featured snippet on your website, an above the fold summary of a body of content typically prioritized above regular search listings.

You’ll also want to be sure to leverage Google Business listing, which supplies Google with location information relevant to your business that can help you show up in location-based searches. To put the importance of this in perspective, consider the frequency in which you ask Siri location-based questions. She pulls her response to you from a list of businesses registered to Google Business. 

30% of all website sessions are now being conducted without a screen. As a business, that means you just inherited the new challenge of ensuring your business is prepared.

Tweets Can No Longer Be Sent From SMS To Twitter

If you use Twitter on a regular basis, then you probably saw the official tweet from the company. Effective immediately, they’ve shut down the functionality that allowed users to tweet via SMS, something that has been a part of the platform since its earliest days.

For the time being, the company is keeping SMS-based two-factor authentication for account holders, but that may change.

Currently, it’s too soon to say with any degree of confidence. The recent action was taken in response to serious security flaws with tweeting via SMS that made user accounts vulnerable.

This is not the first time the company has suspended use of the feature. The first time they did it though, the suspension lasted just two days. It happened September 4th and 5th of 2019 after CEO Jack Dorsey’s Twitter account was hacked. This time, there’s no end in sight.

Users who rely on SMS-based tweeting are urged to make the transition to the social network’s Twitter mobile app, which serves as a viable alternative.

It should also be noted that while SMS-based tweeting has been suspended for most of the world, there are a few remote areas where it’s the only option available, and in those places, the capability to send a tweet via SMS remains intact.

The Twitter support team’s message about the change was short and to the point, reading simply:

“We want to continue to help keep your account safe. We’ve seen vulnerabilities with SMS, so we’ve turned off our Twitter via SMS service, except for a few countries. If you were using Twitter via SMS, you can log in at twitter.com or download our mobile app to enjoy the full Twitter experience.”

At this time, there is no word on if or whether the service will be restored. If it’s something you’ve been in the habit of relying on in the past, be aware that you’ll have to make a few changes to your routine.

Used with permission from Article Aggregator

Beware Fake Craigslist Email Could Contain Ransomware

If you post ads on Craigslist for short term employment, be aware that there’s a new malspam campaign that aims to distribute Sigma ransomware on the computers of unwary users.

By all outward appearances, the emails seem to come from Craigslist in response to ads posted in Craigslist’s “Gigs” section for short term employment.  The emails will generally express interest in whatever job the user has posted and include a protected Word or RTF document which recipients will assume are resumes.

If the recipient enters the password to unlock the document, they’ll then be presented with a screen that asks them to enable the content in the document.  Unfortunately, this is the step that dooms the user. The file isn’t a resume at all, but merely a delivery vehicle.

As soon as the content is enabled, the ransomware will be installed and the user’s files will be encrypted. The ransomware will then “helpfully” post a message explaining that the files have been encrypted and that, to get access to them again, the user will have to pay a $400 fee, which rises to $800 if the user waits longer than seven days to request the decryption key.

Unfortunately, there’s no known way to decrypt Sigma-encrypted files other than paying the ransom.

This is a new twist on a very old game. Even worse, it’s enjoying a relatively high success rate because people who post ads for short term employment on Craigslist expect to get responses from people they don’t know. They expect that those people will be sending resumes for review.

The “tell” is that when a potential employee sends you a resume, it’s almost certainly not going to be password protected. In this case, your best bet would be to reply to the sender and ask them to send you a non-protected resume if they’re genuinely interested in the job.

Used with permission from Article Aggregator
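
The “tell” described above can be checked automatically before a message reaches an inbox. The following is an added example, not code from the original article; it relies on the fact that a password-protected .docx is stored as an OLE compound file containing EncryptionInfo and EncryptedPackage streams rather than as a ZIP archive. The addresses, file names and attachment bytes are constructed stand-ins, not real documents.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

CFB_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # OLE compound file header
ZIP_MAGIC = b"PK\x03\x04"                      # normal (unencrypted) OOXML
# Stream names appear in the compound file directory as UTF-16LE.
ENCRYPTION_STREAMS = [
    name.encode("utf-16-le") for name in ("EncryptedPackage", "EncryptionInfo")
]
WORD_EXTENSIONS = (".doc", ".docx", ".docm", ".rtf")


def classify_attachment(filename, data):
    """Heuristic verdict for one attachment, based on name and leading bytes."""
    name = (filename or "").lower()
    if not name.endswith(WORD_EXTENSIONS):
        return "ignored"
    if data.startswith(CFB_MAGIC) and all(s in data for s in ENCRYPTION_STREAMS):
        return "password-protected"
    # Legacy .doc encryption (a flag inside the WordDocument stream) is not
    # decoded here, so an encrypted .doc still reports as "readable".
    if data.startswith((ZIP_MAGIC, CFB_MAGIC, b"{\\rtf")):
        return "readable"
    return "unknown-format"


def scan_message(raw):
    """Return (filename, verdict) for every attachment in a raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    results = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        results.append((part.get_filename(), classify_attachment(part.get_filename(), data)))
    return results


def needs_review(raw):
    """File names that should be held back: a resume has no reason to be locked."""
    return [name for name, verdict in scan_message(raw) if verdict == "password-protected"]


def build_sample():
    """Constructed message with one ordinary and one password-protected attachment."""
    msg = EmailMessage()
    msg["From"] = "applicant@example.test"
    msg["To"] = "poster@example.test"
    msg["Subject"] = "Re: your gig posting"
    msg.set_content("My resume is attached. The password is in this email.")
    ordinary = ZIP_MAGIC + b"\x00" * 32
    locked = CFB_MAGIC + b"\x00" * 504 + b"".join(ENCRYPTION_STREAMS)
    msg.add_attachment(ordinary, maintype="application",
                       subtype="octet-stream", filename="portfolio.docx")
    msg.add_attachment(locked, maintype="application",
                       subtype="octet-stream", filename="resume.docx")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, verdict in scan_message(build_sample()):
        print(f"{name:16} {verdict}")
```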