
Cyber Security Brief

Current Cyber News & What it Means for you

By Anders Erickson

January 11, 2018

December 2017

EMAIL SPOOFING – WHO REALLY SENT YOU THAT EMAIL?

Email spoofing is a trick that has been employed by hackers for a long time. The hacker alters the “From” field in an email so that it appears to originate from someone other than the hacker. The objective is to trick the recipient into believing the email is from a trusted source, such as a friend or coworker.

Security researchers recently discovered a set of vulnerabilities that could be exploited to perform email spoofing on several widely used email applications. They have called this collection of email vulnerabilities MailSploit. Recently, a number of organizations and individuals have been victims of MailSploit attacks.

How can you help protect yourself from email spoofing? Here are five helpful tips:

  1. Proceed with caution if you don’t recognize the sender of an email. Check to see if the email address matches the signature line or is a trusted email address. 
  2. Be suspicious of emails with language that contains misspellings or that doesn’t “sound” right. 
  3. Hover over hyperlinks (don’t click on them) and look closely to see if they appear legitimate – with some fonts, the letter ‘r’ next to ‘n’ can look like the letter ‘m’. 
  4. Never use a hyperlink in an email to provide credentials and personal information. Instead, open your web browser and go directly to the application or website. 
  5. Avoid accessing free or unsecured wireless networks unless utilizing a virtual private network (VPN). 
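Tips 1 and 3 can also be checked mechanically. The following is an added example, not part of the original brief: it compares the real sender address with the address shown in the display name and flags sender or link domains that only look like a trusted one. The `example.com` allow-list, the function names and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED = {"example.com"}  # assumption: your organisation's allow-list
# Sequences that can read as another letter; "rn"/"m" is the brief's example,
# the other pairs are added here.
CONFUSABLE = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]

def skeleton(name):
    """Collapse look-alike sequences so visually similar names compare equal."""
    for seq, looks_like in CONFUSABLE:
        name = name.replace(seq, looks_like)
    return name

def classify(host):
    """Return 'trusted', 'lookalike' or 'unknown' for a host name."""
    labels = host.lower().rstrip(".").split(".")
    suffixes = [".".join(labels[i:]) for i in range(len(labels))]
    if any(s in TRUSTED for s in suffixes):
        return "trusted"
    trusted_skeletons = {skeleton(t) for t in TRUSTED}
    if any(skeleton(s) in trusted_skeletons for s in suffixes):
        return "lookalike"
    return "unknown"

def review_message(raw):
    """List (finding, value) pairs for the From header and body links."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    findings = []
    domain = addr.rpartition("@")[2]
    if classify(domain) != "trusted":
        findings.append(("sender-" + classify(domain), domain))
    # Tip 1: an address shown in the display name should match the real one.
    shown = re.search(r"[\w.+-]+@[\w.-]+", display)
    if shown and shown.group(0).lower() != addr.lower():
        findings.append(("display-name-mismatch", shown.group(0)))
    # Tip 3: link hosts that imitate a trusted domain.
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        host = urlparse(url).hostname or ""
        if classify(host) == "lookalike":
            findings.append(("link-lookalike", host))
    return findings

# Constructed sample message (not a real email).
SAMPLE = """\
From: "helpdesk@example.com" <notice@exarnple.com>
Subject: Password expiry

Sign in at https://portal.exarnple.com/login to keep your account.
"""
```

A result with no findings only means these particular checks passed; the remaining tips still apply.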

If you are concerned that you may have already been the victim of email spoofing, please contact your local IT team immediately. They can help to identify and limit the impact of any data breach that may have occurred.

September 2017

EQUIFAX – A REMINDER TO PROTECT OURSELVES AND OUR ORGANIZATIONS

The credit monitoring service Equifax experienced a data security breach that could affect as many as 143 million people. Hackers exploited a flaw on the Equifax website to gain unauthorized access to files that contained consumer identity and credit card information.

The breach provides us with two important reminders:

  1. Individuals must remain vigilant in monitoring and protecting our own identities. This Consumer Reports article provides details on how to monitor for fraud and take action should you see that something has taken place.
  2. Organizations should be prioritizing the development of a culture where cyber security is seen as an element critical to success. Leaders and executives should promote strong cyber security practices and ensure that activities like the following are addressed on an ongoing basis:
    • Security Awareness Training
    • Vendor Management
    • Event Detection and Response
    • Incident and Contingency Planning

The firm offers a foundational risk assessment – Cyber Security Compass® – that provides non-IT leaders with an overview of how their organization has addressed these and other cyber security risks. This assessment also outlines recommendations and priority projects to help direct risk remediation efforts.

If you have any questions about these services, please contact Anders Erickson, Director of Cyber Security Services, at aerickson@eidebailly.com or (208)383-4731.

August 2017

VENDOR MANAGEMENT:  YOU’RE ONLY AS STRONG AS YOUR WEAKEST LINK

Google recently notified its employees and the state of California that they had been victims of a cyber security breach. One of their travel agencies, Carlson Wagonlit Travel (CWT), utilizes the system called SynXis Central Reservation System (CRS), which is owned and operated by Sabre Hospitality Solutions.  Sabre discovered that hackers had gained unauthorized access to SynXis CRS. The hackers had taken travel reservation data including names, contact information, and payment card information. Google is now managing the impact and cost of a security breach that occurred at a vendor (Sabre) used by their vendor (CWT). This story highlights a significant challenge all organizations face as they enter into vendor relationships – how to ensure they partner with organizations who treat their data in a secure manner.

We live in an increasingly outsourced world. Organizations are eager to capitalize on the cost savings that result from contracting with third-parties to perform anything from payroll processing to software development.  The common thread throughout all these outsourced activities is the sharing of data, and if those third-parties don’t have adequate security practices, then that shared data is at risk of being compromised.  Cyber Security experts at Eide Bailly recently conducted a risk assessment at a manufacturing client where they identified over five vendors who had significant access to the company’s systems or data with little or no oversight. The team is now assisting this client in establishing a vendor management program to regulate the data and access provided to third-parties and to hold vendors accountable for the security of data with which they are entrusted.

June 2017

EXTORTION OF STOLEN PERSONAL HEALTH RECORDS

A plastic surgery clinic in Lithuania recently had their customers’ personal health records stolen in a phishing attack conducted by a group of hackers who call themselves “Team Tsar”. These records included personal information along with images of patients from both before and after their surgery. The hackers threatened to release these sensitive health records to the general public if the clinic didn’t pay a ransom. Once this clinic refused to pay the ransom, the hackers followed through on their threat and released the records. As could be expected, the fallout was swift and heavy, resulting in significant loss of consumer trust and revenue. The experience of this clinic demonstrates an important cyber security principle – much, if not all, data can be exploited to create value. In this instance, the hackers used extortion in an attempt to increase the value of data.

Clinics and smaller medical practices carry a heavy burden when it comes to cyber security. They operate under the same risks as larger hospitals and medical institutions but often don’t have the resources to implement sound cyber security practices. Cyber security experts at Eide Bailly recently completed Cyber Security Compass risk assessments at six local access hospitals in South Dakota. These professionals brought extensive healthcare experience to these engagements and helped these institutions identify risks that could place their patients’ personal health records at risk. The reports from these assessments provided non-IT executives and board members with a clear understanding of their organization’s cyber security risks and outlined recommendations for remediation. Using our recommendations, these organizations are now prepared to make strategic cyber security investments.

May 2017

RANSOMWARE HITS 99 COUNTRIES IN 10 HOURS

On Friday, May 12, organizations all around the world were victims of ransomware attacks. Cybersecurity experts tracked more than 75,000 coordinated ransomware attacks in 99 countries. Ransomware locks the files on an infected computer rendering them inaccessible.  The victim is then instructed to pay the hackers a “ransom” before the files can be unlocked. The British National Health System was one of these victims, causing hospitals across the United Kingdom to turn away patients. Other victims included Russia’s Interior Ministry and Telefonica (one of the largest private telecommunications companies in the world). The attackers demanded ransoms of only $300, indicating that their goal was to infect as many organizations as possible – irrespective of size. Even small and mid-sized organizations were targeted.

Organizations face ever-increasing risk of attacks to their computer systems and networks. Without appropriate preparation, monitoring, and response, their operations could be negatively impacted or their critical data lost.  Eide Bailly’s Cyber Security team has the experience and tools necessary to prepare and educate clients so they are not the next victim of ransomware. If an organization has experienced a ransomware attack, we can provide response management and risk assessment services to give clients peace of mind.

STUDENT HACKS SCHOOL COMPUTER SYSTEM

You may recall the 1983 movie “War Games” in which Matthew Broderick plays a high school student who, at one point, uses a stolen password to hack into the school’s computer system to change his grades.  Just recently this scene played out in real life.  A high school sophomore attending a Spring Branch Independent School District school in Houston, Texas was arrested on March 31, 2017 and charged with a felony for hacking the District’s computer system with the purpose of changing student grades.  Just like in the movie, this student used a stolen password to hack into the system and took it even a step further by offering to change other students’ grades for a fee.

School systems and higher education face a significant challenge when it comes to cyber security.  Their young students know as much or more about their computer systems than those charged with administering them. Eide Bailly’s Cyber Security team recently completed a Cyber Security Compass assessment at a school district in Idaho.  With over 14,500 students, 1,500 employees, and thousands of computers and tablets, the district’s leadership was seriously concerned about their organization’s cyber security readiness.   The Cyber Security Compass provided them a clear understanding of their cyber security risks and gave recommendations to help them begin strategically tackling these risks.

April 2017

MOBILE DEVICES: THE NEXT TARGET FOR CYBER CRIMINALS

In the most recent Threat Intelligence Report published by Nokia, researchers found that software viruses or malware infecting mobile devices (e.g., cell phones and tablets) had increased 83 percent in the second half of 2016. The report suggests that this increase represents a shift from hackers targeting traditional computers to going after mobile devices. One of the most common methods of infecting mobile devices is through “Trojan” apps. Like the Trojan Horse of Greek mythology, these apps look like a game or something harmless but when they are installed on a mobile device, they execute malware that allows a hacker to access or steal data from that device. One thing users can do to protect themselves from these types of viruses is to avoid downloading apps from locations other than the Apple or Android app store.

Most organizations allow their employees to access organizational data through their mobile devices.  Whether that’s emails, files, or the corporate directory, the access they provide to their employees represents a significant business risk.  If not properly protected, malware infecting an employee’s mobile device can place our client’s data in jeopardy.  Eide Bailly’s Cyber Security team can assist your clients in protecting their data on mobile devices by:

  • Helping establish a secure mobile device policy;
  • Implementing mobile device management (MDM) software, which allows our clients to safeguard corporate data on their employees’ mobile devices; and
  • Educating employees on the dangers of mobile devices and how they can help protect themselves and their organization.

If you have any questions about these services or would like to better understand how we help our clients feel more confident about their cyber security, please contact Anders Erickson, Director of Cyber Security Services, at aerickson@eidebailly.com or (208)383-4731.