data compromise | GIGE IT Solutions: IT Services Mississauga

Network Hacks Increase With Work-from-Home Adoption

gigE — Mon, 27 Apr 2020 16:47:28 +0000

Arctic Security, a Finnish Cybersecurity company, has recently conducted a study about the impact of Work-from-Home on the number of Network Cybersecurity Incidents in Finland. It was discovered that Finland usually sees around 200 network compromises per week. However, the country saw an increase to 800 incidents during the 3rd week of March. It was found that similar increases in network hacks were seen in countries such as Norway, Denmark, Belgium and Italy. All in all, over 10 000 companies were victims of network cybersecurity hacks in March of this year.

What are steps that you can take to protect yourself?

It is essential to keep your organization’s patch management up-to-date. Vulnerabilities such as CVE-2019-11510 exploit networks that do not have the latest patches on their devices. By keeping your devices patched, you ensure that you are protected from all the known vulnerabilities that have already been repaired by software developers.

Constantly monitor your devices for suspicious activity and logins. In the event that a device is compromised, time is a critical element in minimizing the damage that the attack can cause. If an incident is identified early, damage can be mitigated segmenting off your network and then identifying the extent of the breach. This can reduce the effectiveness of worm-capable malware, which can quickly spread over a company’s network after initial infection without any input from the victim.

Enable multifactor authentication on your devices. With the increase in VPNs and Remote access, it is essential that you keep your company accounts safe from unauthorized actors. By enabling MFA, you ensure that even if a cyberattacker has your credentials, they cannot access your account without access to your secondary device or your email.

Don’t fall victim to network cybersecurity attacks during this time. Contact us today at +1 888 366 4443 or email us at info@gige.ca to get started with GIGE’s network experts today.

The post Network Hacks Increase With Work-from-Home Adoption first appeared on GIGE IT Solutions: IT Services Mississauga.

The post Network Hacks Increase With Work-from-Home Adoption appeared first on GIGE IT Solutions: IT Services Mississauga.

Lessons Learned From The Cathay Pacific Data Breach

gigE — Tue, 10 Mar 2020 20:15:09 +0000

Hong Kong airline company Cathay Pacific was fined 500 000 pounds by the UK Information Commissioner’s office due to a data leak where 9.4 million user records were leaked. Of the affected individuals, over 100 000 were from the UK.

The data breach was the result of unauthorized access to Cathay Pacific’s servers that dated back to October of 2018. In a statement on the breach, Cathay Pacific stated that it would like to “sincerely apologize for this incident”.

The UK’s Information Commissioner’s Office discovered that the data breach had resulted in the records between October 2014 and May 2018 to be leaked.

This incident illustrates the importance of applying security patches to protect organization server. Cathay stated that it suspects the data breach occurred due to a known security vulnerability being exploited by cyberattackers. In its investigation, the UK Information Commissioner discovered that the company did not apply the security update fixing the patch, which was released over a decade prior to the attack. The vulnerability, which was not publically named, was in fact discovered in February 2007. It is known that attackers exploiting this vulnerability does not need technical skills and is able to get administrative access to a victim’s computer. Cathay pacific admitted that its regular vulnerability scans, which are used to detect potential security flaws in the company’s network, was not able to detect the vulnerability for over 10 years. It was discovered that one of the systems that was compromised had 16 security updates that were pending.

Another reason that the Cathay Pacific data breach occurred was that one if its servers was running an operating system that was no longer supported by its developer. Operating systems (O.S.), like many other software, requires constant updates to repair new security vulnerabilities that are discovered. After an operating system becomes end-of-life, however, the developer no longer releases software updates for it, leaving computers still running the operating system vulnerable to cyberattack. The most recent instance of this occurring is the Windows 7 End of life, which occurred on January 14^th of 2020. You can read more about operating system patches in our article here.

It is clear from the Cathay Pacific data breach that proper patch management is an important facet of keeping your organization’s IT safe from cyberattack. GIGE IT solutions’ network experts help you organization identify vulnerabilities in your organizations’ network. We audit and provide consultation and remediation strategies to help you stay protected from data leaks and cyberattacks.

The post Lessons Learned From The Cathay Pacific Data Breach first appeared on GIGE IT Solutions: IT Services Mississauga.

The post Lessons Learned From The Cathay Pacific Data Breach appeared first on GIGE IT Solutions: IT Services Mississauga.

10.6 Million Customer Records Leaked by MGM Resorts

gigE — Fri, 21 Feb 2020 15:34:39 +0000

Over 10.6 million customer data records were leaked by the MGM Resorts Hotel in a recent data breach.

Information that was leaked to the public included customer addresses, phone numbers, birthdays, and email addresses. The information was posted publicly on a hacking forum.

In the post-leak security audit, MGM discovered that the breach was caused by an unauthorized individual gaining access to one of the company’s cloud servers in the summer of 2019.

In a statement, MGM assured the public that credit card information or password data was leaked in the incident.

Best practices if your personal data has been leaked

In today’s information environment, it is almost impossible to avoid becoming the victim of data leaks such as the above incident. However, what are some damage mitigations steps that you can take if you are notified that your data has been exposed?

Monitor your accounts diligently

Constantly monitor your inboxes, as companies will often notify account holders of suspicious logins from unfamiliar locations. If you receive an email that your account has been accessed from an unfamiliar location or device, change your credentials and log out of all other locations immediately.

Using 2 factor authentication

If your password was among information that was leaked, it is important to update any other accounts that share the same password. As an additional security measure, it is also best practice to enable 2 factor authentication on your accounts, as they will prevent a cyberattacker from entering your account even if they are in possession of your login credentials. To read more about 2 factor authentication and password management, read our article here.

Don’t let your business fall victim to data leaks. Call GIGE IT Solutions at +1 888 366 4443 for a consultation on weak points in your organization’s network infrastructure. Get started with us today.

The post 10.6 Million Customer Records Leaked by MGM Resorts first appeared on GIGE IT Solutions: IT Services Mississauga.

The post 10.6 Million Customer Records Leaked by MGM Resorts appeared first on GIGE IT Solutions: IT Services Mississauga.

A New Citrix Device Vulnerability Has Been Discovered

gigE — Wed, 22 Jan 2020 17:31:37 +0000

A new security vulnerability has been discovered in Citrix devices. The Canadian Centre for Cybersecurity has advised Canadian businesses to temporarily disconnect their Citrix devices from the internet. The repair patch has been rolled out as of January 19th 2020, with additional patches scheduled for January 24th. Users are advised to patch their devices as soon as possible.

The vulnerability, codenamed CVE-2019-19781, has been officially confirmed to be circulating in Canada. Exploiting the vulnerability allows for a cyberattacker to gain control of a computer without the use of valid credentials.

Products that are affected by the vulnerability include Citrix application Delivery controller, Gateway, and SD-WAN WANOP devices.

Why are Citrix Devices being targeted by Cyberattackers?

In many organizations’ networks, Citrix devices are often connected to both employee workstations as well as backend servers. Therefore, if a cyberattackers gains access to a Citrix device, they are in position to further the attack by spreading malware throughout the network. London-based cybersecurity company Positive Technologies noted that Citrix devices are often the first point of attack for many cyberattackers.

The exploits have been released publically

On January 10^th, Project Zero, a group of cybersecurity researchers, released the first Proof of Concept (PoC) of the Citrix device exploit. PoC exploits are often released to the public as non-harmful attacks meant to show vulnerabilities in software to help companies patch them. However, FireEye researchers discovered that malicious versions of the exploit were circulating shortly after the PoC was made public.

What can you do to protect yourself?

Citrix has provided a list of protective measures. You can read more about them here. However, the Canadian Centre for Cyber Security noted that these defensive measures won’t be effective for all devices. In the case that they cannot be applied to your device, they recommend that it is disconnected from the internet until a new patch is rolled out.

Our cybersecurity experts can help you find vulnerabilities in your company’s network. Don’t fall victim to cyberattack. Call us at +1 888 366 4443 or email us at info@gige.ca for more information.

The post A New Citrix Device Vulnerability Has Been Discovered first appeared on GIGE IT Solutions: IT Services Mississauga.

The post A New Citrix Device Vulnerability Has Been Discovered appeared first on GIGE IT Solutions: IT Services Mississauga.

Travelex falls victim to “Sodinokibi” Ransomware

gigE — Thu, 16 Jan 2020 18:12:45 +0000

The list of ransomware victims continues to grow. On New Year’s Eve 2020, Travelex, an international foreign exchange company, disclosed that it was struck by the “Sodinokibi” ransomware strain. Also known as REvil, Sodinokibi ransomware prevents users from accessing their computer data by encrypting it behind a ransomwall. The ransom demand for Travelex was $6M USD. They also stated that failure to pay the payment within 2 days will result in double the ransom demand.

In an effort to mitigate the spread of the ransomware, Travelex immediately disconnect infected computers from its company network.

The cyberattackers revealed to BBC that it had actually infiltrated Travelex’s network 6 months prior, and had been able to steal over 5 GB of customer data. According to the group, they have got access to customer information including birthdays and credit card information. This has been a common strategy of newer ransomware strains. Releasing the stolen data is used as a second point of leverage to extort money out of victims.

Cyberthreat intelligence company Bad Packets stated that it had notified Travelex of 7 security vulnerabilities present in their systems in September 2019. The vulnerability was caused by a security flaw in the Pulse Secure Virtual Private Network. According to Bad Packets, the vulnerability was actually patched April of that year, but that Travelex had failed to update its systems to the newest software version, leaving them vulnerable to attack.

The vulnerabilities present in the Pulse Secure VPN were widely known in the second half of 2019. In August of that year, the Canadian Center for Cyber Security urged for Canadian businesses to update their software to the latest versions to protect against attack. In October, the US National Security Agency, and the UK National Cyber Security Center issued similar warnings.

What does the vulnerability allow cyberattackers to do to unprotected systems?

Cybersecurity researcher Kevin Beaumont stated that the VPN vulnerability, also called CVE-2019-11510, allowed for attackers to remotely gain control of unprotected systems even without the use of the user credentials of the computer.

As illustrated by the Travelex, keeping computers up-to-date with current software updates to protect against cyberattack.

The post Travelex falls victim to “Sodinokibi” Ransomware first appeared on GIGE IT Solutions: IT Services Mississauga.

The post Travelex falls victim to “Sodinokibi” Ransomware appeared first on GIGE IT Solutions: IT Services Mississauga.

Today We Say Goodbye to Windows 7

gigE — Tue, 14 Jan 2020 19:02:37 +0000

Goodbye Windows 7 – today, January 14th 2020, is the day that Microsoft officially ends security support for Windows 7 computers. This means that PCs still running the decade old operating system will no longer be receiving security updates from Microsoft. According to NetMarketShare’s statistics, 1/3 of PCs around the world are still running Windows 7.

Microsoft urges all of these users to update to a newer operating system, either Windows 8.1 or Windows 10 in order to stay protected against malware threats such as ransomware. Sensitive personal information on your home or business PCs are at risk of exposure.

It’s not all bad news – Google has said that it will continue to release updates for its Chrome browser for Windows 7 until 2021. However, this by no means covers all security bases, and migrating to a newer operating system is still the best option in terms of cybersecurity.

If upgrading is not an option, follow these best practices to keep yourself protected:

For businesses still running Windows 7, your employees are the first line of defense against malware. One of the most common methods of infection is through malicious links in fraudulent emails – a strategy known as phishing. By education your employees with frequent seminars on current threats and phishing telltale signs, you can minimize the likelihood that malware can infiltrate your network. If you would like an overview on some of our recommendations against phishing, you can check out our article on the topic here: Phishing Scams – What are they and how can you protect yourself?

For both businesses and consumers, it is important not to store sensitive information such as credit card data on your Windows 7 PC. Furthermore, avoid using online banking apps on Windows 7 PCs.

Don’t fully rely on your Windows 7 PC’s storage. Keep backups of your important data in a separate location – either on an external hard drive, a USB, or on another PC. Some types of malware, such as ransomware, locks user data behind a ransomwall, demanding payment for its release. Once a computer is infected with ransomware and the data is encrypted, it cannot be read unless it is decrypted with a key only known by the attackers.

If you would like to learn more about the dangers of staying on Windows 7, you can visit our page here, or email any questions to info@gige.ca

The post Today We Say Goodbye to Windows 7 first appeared on GIGE IT Solutions: IT Services Mississauga.

The post Today We Say Goodbye to Windows 7 appeared first on GIGE IT Solutions: IT Services Mississauga.

22 Governments in Texas Hit By First Coordinated Ransomware Attack

gigE — Wed, 28 Aug 2019 19:11:23 +0000

On August 16^th, the Texas Department of Information Resources (DIR) stated that 22 local Texan governments were simultaneously hit by coordinated ransomware attacks. They also stated that most of the victims were small-sized local governments.

While government-targeted ransomware attacks are not new, this is the first incident of this scale and level of coordination. According to the Texas DIR, a single attacker was behind all of the attacks.

The city of Keene was one of the 22 cities that were affected. Mayor Gary Heinrich stated that the cyberattacker demanded a total ransom amount of $2.5 million. According to Heinrich, many of the compromised cities had IT software that was externally managed by a third party organization.

What is a ransomware attack?

Ransomware is a type of malicious software cyberattack where sensitive data on a victim’s computer is encrypted by an attacker, who demands a ransom to be paid for decryption.

Ransomware attacks have become more prevalent in recent years. Just last month, Florida’s Lake City and Riviera Beach City were both hit by ransomware attacks costing the cities $500 000 each. In September of last year, the town of Midland Canada suffered a similar attack. Laredo, another city in Texas, had in fact been hit by a ransomware attack in May 2019 that heavily impacted their email systems and computers. Their IT has since recovered.

The US Conference of Mayors estimates that at least 170 government bodies have been affected by ransomware since 2013.

What are the strategies to protect yourself from Coordinated Ransomware attacks?

This latest attack illustrates the immediacy of ransomware protection. While the victim in this case was a government, organizations and personal computers are also in constant danger of this type of cyberattack.

Ransomware causes major damage to day-to-day company functions. By ensuring that your most sensitive data is backed up, you can restore data in case of cyberattack. Don’t fall victim to ransomware. Managed Service Providers like GIGE Corporation can help you design and maintain network security and backup solutions. Call us at +1 888 366 4443 or email us at sales@gige.ca to learn more.

The post 22 Governments in Texas Hit By First Coordinated Ransomware Attack first appeared on GIGE IT Solutions: IT Services Mississauga.

The post 22 Governments in Texas Hit By First Coordinated Ransomware Attack appeared first on GIGE IT Solutions: IT Services Mississauga.

Debt-Collector Firm Files For Bankruptcy Following Data Breach Costing Millions

gigE — Thu, 27 Jun 2019 14:16:39 +0000

New York-based debt collection company Retrieval-Masters Creditors Bureau, Inc. has filed for bankruptcy due to a massive data breach.

Following the leak, the legal obligation on the company to notify the 7 million affected by the data breach cost it $3.8 million. Another $400 000 was also spent on external IT consultants to determine the extent of the damage.

3 independent IT firms determined that the compromise had occurred as early as August of 2018. However they could not determine the magnitude of the damage, forcing countermeasures to assume that all company data was compromised.

Russell Fuchs, founder and CEO of the firm, stated that the company keeps highly personal information of its clients due to its work of collecting bills for clinical labs. Therefore, information that was stored and leaked by their servers included the names, home addresses, SSNs, credit card and bank account information, birth dates, and personal medical information of its clients.

The breach was discovered March of this year when the company received an alarming amount of credit card activity on its web portal. Following the discovery, Retrieval-Masters Creditors Bureau immediately shut down its web access to mitigate the damages. The company had shifted to storing its data on the web in 2015 due to market pressure for increased connectivity and client convenience.

This event illustrates the immediacy of cyberthreat to companies that store sensitive information. As demonstrated, a compromise can remain undetected for months, and a single attack could lead to devastating financial and legal consequences.

How can you stay protected?

Here are some best practices to help you protect your sensitive data from cyberattack:

Update your Operating System:

With the end of security support to Windows 7 coming soon, it is absolutely essential for any company running Windows 7 to upgrade to Windows 10. Remaining on an unsupported O.S. instantly makes you vulnerable to backdoor exploits, ransomware attacks, data theft, and more. GIGE IT Solutions can help make your transition as smooth and affordable as possible. Learn more about the Windows 7 End of Life here

Network Segmentation:

Network segmentation is the security practice of “splitting” your company’s network into disconnected sections. If a cyberattacker is able to gain access to one section, they will be unable to infect your entire network. This is particularly effective against viruses with the worm capability, which allows it to spread from one device to the next without any input from the victim.

Multifactor Authentication:

Many cyberattacks are now automated. Brute-force hacks gain access to your accounts by ‘guessing’ your credentials through trial-and-error. This can be prevented by activating multifactor authentication, which requires a second ‘temporary’ password to be input every time you log in from an unfamiliar device. This password is sent to a second destination such as a phone or a secondary email, preventing an attacker to easily hack into your account with only the username and password.

Don’t fall victim to cyberattack. Managed IT service providers such as GIGE IT Solutions help keep your company safe by maintaining healthy backup protocols, monitoring your systems 24/7 and designing customized security solutions. Call us at +1 888 366 4443 for an immediate consult.

The post Debt-Collector Firm Files For Bankruptcy Following Data Breach Costing Millions first appeared on GIGE IT Solutions: IT Services Mississauga.

The post Debt-Collector Firm Files For Bankruptcy Following Data Breach Costing Millions appeared first on GIGE IT Solutions: IT Services Mississauga.

IT Services Company HCL Suffers Data-Leak, Quickly Recovers

gigE — Tue, 18 Jun 2019 15:19:57 +0000

HCL, a multibillion dollar company with over 100 000 employees, has suffered a data leak of sensitive customer and employee information. The leak was discovered on May 1^st 2019 by a research team in UpGuard.

Information that was leaked included employee information, customer information, and company project details. For employees of the company, names, IDs, and contact information dating back to 2013 were leaked.

HCL has not been the only victim this year of data leaks. In April, UpGuard researchers also discovered that a configuration error by Facebook-partner Cultura Colectiva allowed 500 million user records to be publicly available for download. Leaked information included Facebook comments, account names and IDs.

In a 2019 report by Verizon, it was found that around 34% of data breaches were caused by individuals within the companies. A large part of this was caused by human error, such as CC’ing incorrect people in e-mails, accidentally publishing sensitive information online, or mistakes in network configurations.

The HCL data leak incident illustrates the importance of damage mitigation in the event of data leaks. The risk of data leaks will always be present, as there will always be the risk of human error. Therefore, it is equally as important to ensure that the protocols to minimize exposure are well-defined. UpGuard reported that within 48 hours, HCL was able to recover from the data leak and make the information private again. This was largely due to the fact that the contact information of the data protection officer was easily located.

GIGE Solutions helps design and manage your data privacy and IT infrastructure. Contact us at +1 888 366 4443 to get started with us today.

The post IT Services Company HCL Suffers Data-Leak, Quickly Recovers first appeared on GIGE IT Solutions: IT Services Mississauga.

The post IT Services Company HCL Suffers Data-Leak, Quickly Recovers appeared first on GIGE IT Solutions: IT Services Mississauga.

How to Prepare for the Upcoming Data Privacy Act

gigE — Wed, 03 Oct 2018 14:16:42 +0000

The Canadian government has set November 1^st as the official date that the new Digital Privacy Act will be implemented. On this day, all private Canadian organizations will need to ensure that they have adhered to the rules defined by this new act. The document outlines regulations regarding the protocols of handling data breaches – specifically, who and when need to be notified in the event of data leakage. According to the Privacy Act, fines of up to $100 000 can be issued if an organization fails to notify a data breach to either the Privacy Commissioner of Canada, or the customers affected. Below are three important rules outlined by the Digital Privacy Act.

Reporting to the Privacy Commissioner of Canada

In the event of a data breach, the incident must be reported to the Privacy Commissioner of Canada as soon as possible. This report must contain as much of the following information as is known at the time. Firstly, it must outline the causes and depth of the breach, as well as the time that it occurred. The report must also include an estimate of the number of people who will be affected. Furthermore, it must include information on the strategy that the organization plans to employ in containing and repairing the breach. Finally, contact information of a person who can continue communications with the Privacy Commissioner needs be provided.

Reporting to the Impacted Customer

A similar report outlining the causes, scope, and reparation strategy must be provided to the individuals who are affected by the data breach. The Data Privacy Act outlines that this communication must be done in one of two methods – directly, or indirectly.

Direct communication includes methods such as email or over the telephone, while indirect communication involves public announcements.

However, indirect communication can only be used in the case of one of the following circumstances: If direct communication would cause more damage to the affected person, if direct communication would require undue hardship to the company, or if no customer contact information is available.

Keeping reports after Data Incidents

Finally, the Digital Privacy Act states that records of a data breach incident must be kept for a minimum of 2 years after the company first detects the incident. The Government of Canada states that this record-keeping will have numerous benefits to the IT security industry. In a statement, they noted that stricter reporting will ensure that affected individuals have the tools to become informed and protect themselves. Furthermore, the availability of these reports will create industry standards for handling these data breaches. This will overall have positive impact on the ability for Canadian organizations to deal with cybersecurity incidents.

Become prepared for the quickly-approaching deadline with GigE’s team of IT security Technicians. Call us at +1 888 366 4443 for a consult today.

The post How to Prepare for the Upcoming Data Privacy Act first appeared on GIGE IT Solutions: IT Services Mississauga.

The post How to Prepare for the Upcoming Data Privacy Act appeared first on GIGE IT Solutions: IT Services Mississauga.