Education, advice and information you can use in your business.

How One Hacker Stole $226K Worth of Cryptocurrency from Oracle Servers

According to a recent article published by TechRepublic, an Oracle vulnerability released in December allowed attackers to mine the Monero cryptocurrency.

One hacker was able to deploy a cryptocurrency miner and rake in 611 Monero coins worth roughly $226,000, according to a report from the SANS Institute.

“The good news is that Oracle patched the flaw last year. However, firms that aren’t regularly updating may still be at risk. According to the report, the vulnerability affects versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0, and 10.3.3.0,” stated writer Connor Forrest.

To read the full article, click here.

The 20 Worst Passwords of 2017

Passwords are the first line of defense when it comes to protecting your vital information. Let the common phrases like “password” and “123456” go. It’s still surprising how many people use bad passwords.

Use a whimsical phrase you will remember, then add numbers and special characters. Protect yourself.

Read the article from TechRepublic here.

What is Your Business Continuity Plan?

Did you know that 40% of small businesses in the US never reopen their doors after a disaster? That’s a big number considering most small business owners not only rely solely on their business as a means of income, they are also emotionally attached to their business since it provides a way to present their skills to the world.

So if their business is so important to them, then why are many small business owners not doing enough to protect it from disasters? In a 2015 survey of 300 small businesses in Calgary, 47% of businesses said they do not have a business continuity or contingency plan in place. That’s a big number considering this survey was conducted not long after the 2013 floods.

Now, while no business would want to get hit by unexpected disasters, it does not mean that owners should not plan for them either. Business continuity planning is similar to yearly budget planning, or even better: it is like getting insurance!

Think about it: many people get life insurance because they are looking out for their family’s future in case they are no longer around. If you are one of the family earners, you secure your family by getting life insurance. While the emotional pain of you being gone can never be filled, you try to mitigate at least the financial pain by taking out life insurance for them.

This is exactly what business continuity planning does. Like I said earlier, for many small business owners, their business may be the only source of income for them, and they build an emotional attachment to this business just like we do to our loved ones.

So wouldn’t you want to protect this business from any potential disasters?

Here are some helpful links from Calgary Chamber of Commerce and Calgary Emergency Management Agency (CEMA) that you can use to start thinking about business continuity planning:

  1. CEMA’s Business Continuity Handbook
  2. Business Continuity Planning Template
  3. Reference Guide for examples

Contact us if you need some guidance on how to incorporate your IT related assets in the Business Continuity Plan.

How Facebook’s Annual “Hacktober” Campaign Promotes Cybersecurity to Employees | hbr.org

With a month of security competitions, games, and T-shirts. “Build and maintain a security conscious culture”.

Not only will it help train your employees on cyber security but it will also help with employee engagement. Engaged employee = more productivity. 

Most importantly, use an approach that fits your culture, recognize and reward engagement, run real-world security tests, bring people together, and keep it fun. See how Facebook does it.

Source: How Facebook’s Annual “Hacktober” Campaign Promotes Cybersecurity to Employees

5 Ways To Improve Your Small Business Cybersecurity

Half of all small businesses experience a cyber attack. Use the 5 tips in this article to improve your business’s cybersecurity and protect yourself from threats.

The five tips are train employees, update computers, create backups, limit access, and secure your wi-fi.

Read the full article at Forbes.com.

Source: 5 Ways To Improve Your Small Business Cybersecurity

A fake Netflix email wants users’ billing information — don’t click it – National | Globalnews.ca

Phishing emails are being sent to Netflix users worldwide. Do NOT click the link in the email. 

Instead, go to the company website and log in.

Source: A fake Netflix email wants users’ billing information — don’t click it – National | Globalnews.ca

Do You Have A Business Continuity Plan?

Thirty per cent of businesses don’t!

At some point in the lifespan of any business, disaster will strike. It’s inevitable. From unsuspecting employees letting loose ruthless viruses, to something much less preventable, such as an electrical fire, any loss of data can be detrimental. The key component to managing any business is having a business continuity plan, so that when disaster recovery is needed, it’s only a phone call away.

In a previous post, we talked about the importance of data backup. Making sure your data is backed up in the proper mediums is fantastic, but having a plan for what to do once the system crashes is just as crucial as saving the data itself.

This is where the idea of business continuity comes into play. Having the ability to continue running your business during these emergency cases will minimize revenue loss, as every minute a server is down is a hit to the company.

There are many examples available of companies that were saved simply by having a backup plan in place, such as the one about Cantey Technology, which lost its entire operation to a lightning strike in 2013.

According to Tracy Rock, InvenioIT.com, the office building in Mount Pleasant, South Carolina, was home to the IT company, which hosted servers for more than 200 clients.

The fire caused the entire network infrastructure to melt, burning cable and computer alike. With equipment destroyed beyond repair and an unusable office, a panic should have set about the entire organization. Instead, states Rock, Cantey’s clients had no idea.

As part of their business continuity plan, Cantey had already moved its clients’ servers to a remote data center, where continual backups were stored. Staff of Cantey were displaced to a temporary office, but no client experienced any disruption of service. Although Cantey Technology had no control over the force of nature, they were still able to avoid massive loss.

Businesses always believe it won’t happen to them, that the backups they have are enough, but the reality is, they aren’t.

According to InvenioIT’s 2017 disaster recovery statistics, hardware failure was the leading cause of all unplanned downtime, with power outages accounting for an additional 35 per cent.

Even with backups, if a company isn’t sure what to do once the power goes out, there is still unplanned downtime that adds up. Downtime costs between $926 and $17,244 per minute, numbers that include lost revenue, lost productivity, recovery expenses, equipment replacement, and more.

The same statistics report mentioned that 30 per cent of businesses do not actually have a business continuity plan in place, and a portion of those companies haven’t even talked about it.

With the inevitability of a disaster strike, do you want to be a part of that 30 per cent?


If you are curious as to how much your business would lose in the event of a disaster you can input all your data into our online calculator. The results might shock you.

Understand cyber security, don’t fear it, says NCSC head

The head of the UK’s National Cyber Security Centre (NCSC) has urged organisations to ensure they understand cyber risks as a survey reveals mid-sized firms have inadequate cyber protection. An MSP in the UK warns that investing in a security information and event management (SIEM) system without a dedicated team to respond is inadequate.

Source: Understand cyber security, don’t fear it, says NCSC head

Cybersecurity is dead – long live cyber awareness | CSO Online

Consider shifting the focus from exclusively on prevention to also include a focus on recovery.

Ask yourself, and your IT department:

  1. If you were hacked, what would you do?
  2. How frequently is your data backed up?
  3. Will you pay the ransom?
  4. What about the companies and people you work with?
  5. What’s your communication plan?

Read the full article from the link below.

Source: Cybersecurity is dead – long live cyber awareness | CSO Online

Cyber Security Awareness Month, Equifax, and You

The month of October sure brings a lot to celebrate for us Canadians. Whether it’s feeling gratitude with family and friends while celebrating Thanksgiving or dressing up to celebrate Halloween by devouring all that sweet sweet candy during the whole month of November (or in 2 days… no one is judging). But if there is another celebration the month of October brings, it is for our hard-working businesses to celebrate being ransomware free.

In fact, October is National Cyber Security Awareness Month! What that really means is that all businesses should be taking a moment to evaluate whether the solutions they currently have in place to combat ransomware will keep their systems safe while keeping business running. This is particularly important for the hard-working small and mid-size businesses that operate lean and do not have dedicated in-house IT departments working 24/7.

But then again, sometimes even with dedicated in-house IT and billions of dollars, one fatal error in its cyber security practice can cause that company to become an example of what not to do when it comes to protecting your business, your customers and yourself. The company that all business owners can learn from in this instance is Equifax.

Equifax has been struggling with their data security breach that wreaked havoc within the company. Here’s what happened: cyber criminals attacked Equifax systems between mid-May and late July causing a data breach that affects 145.5 million people in the US and about 8000 Canadians.

So what went wrong? Clearly, a multi-billion dollar company like Equifax must have invested in the most robust of technology solutions available through their world-class IT services provider (in-house or external)… Well, Equifax was alerted to a software breach in March 2017; however, according to former CEO Richard Smith, they failed to fix the issue due to “both human error and technology failures” that resulted in the data breach. Although a repair was released, Equifax failed to install it immediately, giving hackers an opening to break into Equifax’s computer systems.

And why is this a problem for a multibillion-dollar company like Equifax? Surely, they can afford to pay their way out of it, right?

Wrong. For Equifax, losing a chunk of money, whether from offering free identity theft protection products/services to consumers, hiring lawyers to represent them in the legal battles, or through loss of future customers, may be just part of the problem. Having to turn around the bad reputation and earn back the trust of the public is what will make things extremely difficult for Equifax in the future. Earning this trust may in fact be the worst of its problems.

So, the real question is, what are you as a small or mid-sized business doing to protect you and your customers? Are you being proactive in terms of monitoring your systems? Are your employees adequately trained to know what to do with potentially malicious email? If your answer is no or “I don’t know” to any of these, take action. Talk to your IT provider or contact us for a free 30-minute assessment.