phishing attack | GIGE IT Solutions: IT Services Mississauga

How Will Artificial Intelligence (AI) Change Cybersecurity?

gigE — Wed, 12 Feb 2020 20:35:53 +0000

Artificial Intelligence

Artificial intelligence is the field of computer development concerned with simulating human problem solving and cumulative learning in computers. Systems with artificial intelligence get progressively better at doing tasks that they are designed to do, without the need for humans to ‘hard program’ new techniques or strategies for them.

There are many advantages to artificial intelligence in computing. For example, as AI develops, it will be increasingly useful to the medical industry, detecting and diagnosing cancers and other diseases with more accuracy and less bias than human doctors. Robots with artificial intelligence can also be useful for tasks such as exploring hazardous areas.

Identity impersonation for phishing attacks

One of the major uses of AI in cyberattack is for spearphishing attempts. Spearphishing is a highly targeted type of phishing attack that relies on researching a company to create highly tailored ‘fake’ emails to trick victims into providing sensitive credentials or information. An example of a spear phishing attempt would be a fake email from the CEO of a company to an employee asking for credentials to an account.

With AI, spearphishing emails can be made even more difficult to detect. AI can use machine learning to learn patterns of speech of a specific individual through social media and email communications. Using this, they are able to imitate their writing style almost identically.

Automating large scale cyberattacks

One of the limiting factors in today’s world of cyberattack is the time investment that cyberattackers need to plan and execute cyberattacks. This limitation has already been reduced by cyberattackers using automatic processes to detect vulnerable computers via internet scans and automatically infecting them with malware. However, by using AI, these automated cyberattacks become even more of an immediate threat, and can constantly adapt and change their strategy without any input from the cyberattacker who released it into the wild.

The post How Will Artificial Intelligence (AI) Change Cybersecurity? first appeared on GIGE IT Solutions: IT Services Mississauga.

The post How Will Artificial Intelligence (AI) Change Cybersecurity? appeared first on GIGE IT Solutions: IT Services Mississauga.

Maastricht University Hit By Clop Ransomware, Pays $220 000 USD for Decryption

gigE — Wed, 12 Feb 2020 18:35:11 +0000

Netherlands’ Maastricht University was hit by a ransomware attack on December 23^rd, 2019. The university paid the cyberattackers 30 bitcoins, worth at around $220 000 USD, in order to restore the infected computers to working conditions.

The ransomware malware strain, called “Clop ransomware”, encrypted 267 of the university’s Windows servers, including backups. The University’s full infrastructure consists of 1647 servers running either Linux or Windows, and 7307 workstations. The university reported that it has several network security measures in place including firewalls, antivirus, and spam filters, but that the ransomware was able to bypass these measures through two phishing emails on October 15^th and 16^th 2019.

The university stated that despite the IT department constantly receiving alerts on security threats, there is still a need for more education on avoiding phishing techniques to help alleviate the constant pressure of cyberattack. For tips on how to detect phishing emails, read our article on the topic here.

Nick Bos, VP of Maastricht university, discussed the decision to pay the ransom to the attackers. He stated that while the University does not ethically stand by the act of succumbing to ransomware extortion, it ultimately made the decision to pay the ransom due minimize the damage that the attack would have on its students’ education, staff, and researchers.

What can we learn from this attack?

Phishing attacks are as prevalent as ever, and can lead to significant financial damage to an organization. Any organization’s firewall is only as strong as its weakest link. As shown in the Clop Ransomware attack, even a network that is protected by antivirus and spam filter software can be penetrated if a malicious link is accidentally clicked on by an employee. Therefore, employee education on common phishing methods and signs to look out for should still be a top priority for your organization’s cybersecurity strategy.
Following the attack, Maastricht University employed Fox-IT to conduct an independent investigation on the incident. In their audit, Fox-IT discovered that the malware was able to leverage a server that was missing critical patches that fixed known vulnerabilities. Exploiting this single security hole allowed the attackers to spread the malware to 267 Windows servers. This highlights the importance of keeping your organization’s server OS up-to-date.

GIGE IT Solutions can keep your organization protected from ransomware. We manage all your servers and workstations to ensure that they are always up-to-date and protected from malware such as ransomware. Call us at +1 888 366 4443 or email us at info@gige.ca to get started.

The post Maastricht University Hit By Clop Ransomware, Pays $220 000 USD for Decryption first appeared on GIGE IT Solutions: IT Services Mississauga.

The post Maastricht University Hit By Clop Ransomware, Pays $220 000 USD for Decryption appeared first on GIGE IT Solutions: IT Services Mississauga.

Is your Organization’s Email System Safe?

gigE — Mon, 16 Apr 2018 20:20:00 +0000

Is your Organization’s Email System Safe?

Email is the most preferred mode of communication when it comes to businesses. Whether one wants to communicate with a client or a colleague, share events or files, everyone uses email. In fact, it has become one’s personal identity, without email, opening an online bank account or social media, is not possible. The email system is your most important digital avenue, yet it is the most prone to cyber attacks.

The top 2 email vulnerabilities that cyber criminals target are email hijacking and Computer Takeover via Email

Email Hijacking

As per a recent study by Google, more than 15% of internet users have reported experiencing the takeover or hijacking of an email account.

In email hijacking, an attacker gains access to an email account by getting hold of a victim’s email username, password, and recovery or verification questions. Once accessed, a hijacker can do whatever he or she wants in the account like resetting the password, downloading all private data, deleting all messages or impersonating the victim.

Many of today’s email systems have done away with passwords alone to gain access. Instead of mere passwords, many require recovery or verification questions.

According to a Google and UC study, third-party data breach, keylogging, and phishing are the 3 main methods used by attackers to hijack the emails.

Third Party Data Breach:

In third-party data breach, email usernames and passwords are stolen by attackers as a result of security loopholes within a service provider like Adobe, LinkedIn, and Dropbox.

Keylogging:

In keylogging, an attacker steals the victim’s credentials by using a malware that records and tracks every movement of the victim on his or her computer.

Phishing:

In phishing, the attackers fool a victim to login to a fake web page of a popular email site like Gmail, Yahoo or their banks. Once victims clicked on these fake login pages, their details are captured in the process.

Computer Takeover via Email

In this type of attacks, cyber criminals use a ransomware/malware designed to block access to a computer system until ransom money is paid. In such attacks, the computer is literally hijacked as you’ll lose total control of it and you’re at the mercy of the attackers to unlock your computer.

An example of a malware that uses phishing emails as a means to gain access to computers is the ransomware called “Locky” – the first ransomware to earn $1 million per month based on a Google-led study (PDF).

The Locky phishing emails have an attached ZIP file which when opened enables the downloading of the Locky ransomware and locks out users from their computers until ransom money is paid.

Email hijacking and computer takeover are just two examples of the many vulnerabilities of your organization’s email system. In its “2017 Internet Security Threat Report” Symantec said, “Email posed a dangerous and efficient threat to users: one in 131 emails contained malware, the highest rate in five years.”

GigE Solutions has over 30 years of experience in keeping organizations’ email system safe from cyberattack. Want to secure your company’s email system against most known attacks? Contact GigE today to protect your business emails from third-party data breaches, phishing, keylogging, and ransomware. Call 888-366-4443 now!

The post Is your Organization’s Email System Safe? first appeared on GIGE IT Solutions: IT Services Mississauga.

The post Is your Organization’s Email System Safe? appeared first on GIGE IT Solutions: IT Services Mississauga.