Category: Tech News

The Power of Multi-factor Authentication

The Power of Multi-factor Authentication banner image

 

The Power of Multi-factor Authentication

Today’s cyber threat landscape is more complex than ever before. New threats are discovered practically every day, and hackers are finding new ways to exploit those threats on an almost daily basis. This means businesses need to be more vigilant about the security of their networks, devices, and user accounts. Every organization should implement multi-factor authentication (MFA) as a strong and consistent security policy.

MFA strengthens your user account security by requiring users to verify their identity in addition to simply providing a username and password. There are many types of multi-factor authentication, but most involve something you know (like a username and password), something you have (such as an access code sent via text message), or something you are (such as a biometric identifier such as a fingerprint or facial recognition).

Download our infographic Security: The Power of Multi-factor Authentication to understand MFA in detail.

 

What is Multi-factor Authentication?

Multi-factor authentication, or MFA, is an access control method used to verify a person’s identity attempting to log on to a computer system or website by combining two or more authentication factors. For example, logging in with a username and password is a single-factor authentication because only one piece of information is verified to be accurate. In contrast, logging in with a username, password, and a code sent to a smartphone via an app is multi-factor authentication because multiple verification methods are used. Multi-factor authentication is a security method that requires users to provide two or more pieces of proof that they are whom they say they are before being granted access to a secured system or resource.

 

Types of Multi-factor AuthenticationThe-Power-of-Multi-factor-Authentication-middle-image

One of three additional forms of information serves as the foundation for most MFA authentication methods:

  1. Things you know (knowledge)- A passphrase, PIN, or password.
  2. Things you have (possession)- A timely, individual verification code. Typically, a mobile app or security token will produce these authentication tokens and send them to you through text message.
  3. Things you are (inherence)- These are biometrically a part of you, such as a speech pattern, iris scan, or fingerprint.

MFA Examples

Using a combination of these components to authenticate is an example of multi-factor authentication.

1. Knowledge

  • Personal security questions and answers
  • Password
  • OTPs (Can be both Knowledge and Possession – You know the OTP, and you have to have something in your Possession to get it, like your phone)

2. Possession

  • OTPs created by mobile apps
  • OTPs transmitted by text or email
  • Smart Cards, USB devices, key fobs, and access badges
  • Software certificates and tokens

3. Inherence

  • Voice, voice recognition, eye or retina scanning, or other biometrics such as fingerprints
  • Behavior analysis

 

Conclusion

MFA is an essential part of any security strategy. While protecting online accounts, your computer, or other devices, utilizing MFA is a great way to protect against hackers and malicious threats. With MFA in place, hackers will have a more challenging time accessing your accounts and will have to employ more sophisticated methods to crack your passwords. Implementing MFA isn’t always easy, but it’s worth the effort.

Protected Harbor experts say MFA is a must. The company has been in the business for over a decade and is among the top cybersecurity providers in the US. It has been keeping pace with the latest technological advancements to provide top-notch cybersecurity solutions to its clients. With our cybersecurity month discussing safety measures against

It is easy to implement and can be activated for an account. You can keep your data safer and much more secure with just a few clicks. Download our infographic to learn how to implement MFA and secure your data. Contact us today for a free cybersecurity audit.

Microsoft Data Breach Exposed Sensitive Data of 65,000+ Entities in 111 Countries

Microsoft Data Breach Exposed Sensitive Data banner

Microsoft Data Breach Exposed Sensitive Data

According to the security research company SOCRadar, a breach of Microsoft servers may have affected over 65,000 organizations in 111 countries.

 

In response to a security failure that left an endpoint publicly accessible via the internet without any authentication, Microsoft admitted that it unintentionally exposed the information of thousands of customers.

According to an alert from Microsoft, “this misconfiguration resulted in the possibility for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and potential customers, such as the planning or potential implementation and provisioning of Microsoft services.”

Microsoft highlighted that there was no security flaw to blame for the B2Bleak, which was “triggered by an unintended misconfiguration on an endpoint that is not in use across the Microsoft ecosystem.”

 

Microsoft Data Breach Exposed Sensitive Data middleWhat Happened?

2.4 TB of confidential data, including names, phone numbers, email addresses, company names, and attached files containing confidential company information, such as proof-of-concept documents, sales data, and product orders, may have been exposed due to a compromised Azure Blob Storage, according to SOCRadar.

SOCRadar termed the leak a Bluebleed. According to them, “The exposed data includes files dated from 2017 to August 2022.”

On September 24, 2022, Microsoft received notifications of the breach. On September 25, 2022, they issued a statement confirming that they had secured the compromised endpoint, which is “now only accessible with required authentication,” and that an investigation had “found no indication that customer accounts or systems were compromised.”

 

Why This Matters?

According to the threat intelligence firm’s analysis, the stolen information “includes Proof-of-Execution (PoE) and Statement of Work (SoW) documents, user information, product orders/offers, project details, PII (Personally Identifiable Information) data, and documents that may reveal intellectual property,” they added.

Microsoft stated that it believes “the figures” and “the magnitude of this issue” were grossly exaggerated by SOCRadar.

Redmond added “that it was not in the best interest of safeguarding customer privacy or security and perhaps exposing them to undue risk” for SOCRadar to gather and make the data searchable through a dedicated search engine.

Customers who contacted Microsoft’s support staff were reportedly informed that the company would not be notifying data regulators since “no other notifications are required under GDPR” in addition to those given to the affected customers.


In addition, Kevin Beaumont, a security researcher, said, “the Microsoft bucket “has been publicly indexed for months,” and “it’s even in search engines.”

Although there is no proof that threat actors inappropriately accessed the data before its disclosure, such breaches could still be used for bad intentions like extortion, social engineering attacks, or a quick buck.

Erich Kron, a security awareness advocate at KnowBe4, wrote to The Hacker News in an email, “While some of the data that may have been accessed seem trivial if SOCRadar is correct in what was exposed, it could include some sensitive information about the infrastructure and network configuration of potential customers.”

“Potential attackers could use this information to find vulnerabilities in the networks of these organizations.”

 

Protected Harbor’s Take on the Matter

It’s a sad fact of life that every major software company will eventually experience security breaches at some point in time. Unfortunately, it has become far more common in this ever-changing digital world. However, when it comes to these big, well-known companies that are responsible for keeping your business data safe, there needs to be an intense form of trust which comes with them taking proper action and solutions.

In the past, we’ve seen issues with Google, Facebook, and even the U.S. government’s websites. It’s important to note that these are all vast organizations with dedicated teams of engineers and experts working around the clock to ensure their customers’ security. Microsoft is no different, having some of the best security engineers in the world.

Protected Harbor has always emphasized the importance of network configuration on endpoint protection. An exemplary network configuration can reduce the risk of your network being exploited by malware and other threats.

Protected Harbor provides complete endpoint protection, configuration, and monitoring that protects your computers from malware, ransomware, data breaches, viruses, and other cyber threats. Our engineers also monitor and audit your network to ensure all your systems have the latest firmware, are set up correctly, and are protected against evolving threats.

“It’s happened before, and it will happen again. It’s just the cyclical nature of things. Microsoft will recover, and a new company will go through the process of becoming the next big thing. What’s important to understand here is that the cycle will keep turning as long as people keep investing in technology.”- Richard Luna, CEO of Protected Harbor.
Don’t be the next victim of a data breach. It’s time to invest in a good cybersecurity plan. Contact us today for a cybersecurity audit.

If you notice these signs, our smartphone has been compromised.

Your Smartphone Has Been Hacked If you Notice These Signs Banner

Your Smartphone Has Been Hacked If You Notice These Signs

Your smartphone is your constant companion. It’s your source of information, entertainment, and social interaction, all in one small device. Most people check their phones at least 20 times a day, which makes them an attractive target for hackers and cybercriminals.

However, security features on most smartphones have made it pretty tricky for hackers to break through and take control of the device without you knowing about it. That doesn’t mean you can let your guard down or give hackers any opportunity to breach your phone’s security measures.

It will help if you remain diligent in keeping from being hacked. If you see any signs indicating that you have been hacked, take action quickly before it has a chance to do further damage to your data and access more personal information.

 

What causes this to happen in the first place?

To hack into your phone, a person doesn’t necessarily need to be a hacker. While you’re sleeping, someone may bring your phone up to your face and unlock it. With only this one action, they can look through your smartphone secretly.

There is also software that accomplishes the task. Stalkerware is intended to follow you using your location, call logs, messages, photos, browsing history, and other methods. Behind another app that appears to be unimportant, this malware may be disguised.

Your phone may become infected by malicious links and files without your knowledge. Even seemingly innocent PDF files can contain dangerous information. Because of this, it’s crucial to click with caution.

How about apps? Unreliable downloads may mimic well-known applications or attempt to con you into downloading and using them. When you do this, malware is installed on your phone.

There is also a much more focused technique known as SIM swapping. The criminal disconnects your previous connection and transfers everything to the criminal’s device by calling your phone company, pretending to be you, and asking for a new SIM card.

 

Your-Smartphone-Has-Been-Hacked-If-you-Notice-These-Signs Middle

Signs to Look Out For

How can you tell if your phone has been compromised? Here are some warning signs:

  • Your phone is being slowed down by too many processes operating at once, or it can just be malware using up many resources as the sole offender. Your phone may become heated as a result of this.
  • Your battery is depleting significantly more quickly than usual.
  • Significant increases in data usage may be a symptom of malware like adware that operates covertly.
  • Spammy pop-ups clearly indicate that a malicious program has been installed on your phone.
  • Malware can cause your internet to slow down by diverting your traffic to risky servers or simply using up all of your capacity to steal more data from you or target other people.
  • Off your phone, there may be some indications, such as emails you don’t recall sending or odd social media posts.

Tap or click here for Top 5 Email Scams You Need to Look Out for This Month.

 

How to stop hackers from getting onto your Smartphone?

A little work can go a long way in preventing malware and hackers from accessing your phone.

  • To start, always maintain your phone’s security patches and updates. 
  • Turn on two-factor authentication for each account that supports it. Read our comprehensive 2FA guide.
  • Avoid clicking on shady or uninvited links. This includes emails, internet adverts, and messages from friends.
  • Keep in mind that your home or business network is neither secure. For advice on how to secure it to keep snoops and bad guys out, tap or click here.

Conclusion

Take action right away if you discover any of these indicators that you’ve been hacked so the hacker can’t access more of your data or cause more damage. Your first step should be to power off your device and change your passwords, especially for social media accounts. Next, report the breach to your phone carrier and contact customer support to see what they can do to help. Finally, clean up your phone and make sure to keep your device protected in the future to avoid being hacked in the future.

Protected Harbor provides mobile security, data security, and identity protection. These services protect your company’s data, sensitive information, and valuable assets from cyber threats. In addition, we provide you with email and web security that blocks malicious content and stops data leaks. Our advanced threat protection gives you real-time protection against malware, ransomware, and other cyber threats. We also provide an integrated security operations center to monitor your network and devices, giving you complete peace of mind.

You can also contact our support team with questions or issues, and they’ll get back to you as soon as possible. With Protected Harbor, you can be sure that your company’s data is safe. So what are you waiting for? Secure your devices and network today! Contact us now.

High Availability and Your Data: What You Need to Know

High Availability and Your Data: What You Need to Know

Welcome to another blog from the video series Uptime with Richard Luna discussing High Availability and Your Data and What You Need to Know. This blog will discuss data replication, high availability, and how it can impact your organization.

 

What is High Availability?

High availability is a phrase used by data professionals to describe systems or services that are available and resilient in the face of failures. High availability can be a challenging practice to implement, as it often requires significant infrastructure changes.

HA provides continuous access to critical resources by ensuring services remain up and running even if part of the network, devices, or services fail. It’s an IT strategy for making computer services continue to operate without interruption in response to brief interruptions, planned maintenance, unplanned outages, and other events that might prevent them from running efficiently and effectively.

 

Why is High Availability Important for Data?

For data to be useful, it must be accessible. When systems go down, data can be temporarily unavailable or completely inaccessible. Even if a system only experiences a momentary outage, it can take minutes or hours for it to be brought back online.

If a system is experiencing frequent outages, it can become tough to rely on the data it provides. Depending on the type of data, continuous unavailability can be highly harmful. Data that is used to make decisions (if, when, and how much to produce, where to sell, etc.) can be significantly impacted by only a few minutes of downtime.

It can become almost impossible to rely on if a data system is experiencing frequent outages. Additionally, data systems may be required to maintain regulatory compliance. For example, some industries must keep certain records for varying amounts.

 

High-Availability-and-Your-Data-What-You-Need-to-Know-Middle

Benefits of High Availability in a Data Environment

Increased Efficiency – Employees will be more efficient when data systems are available and do not experience frequent outages. The more you deal with system and data outages, the slower your employees will work. When you implement a high availability strategy, efficiency will increase.

Improved Revenue and Profit – Increased efficiency will also significantly impact revenue and profit. If your data systems are offline for a significant amount of time, it can be difficult to forecast revenue accurately and meet sales goals.

Helpful for Compliance – When you implement a high availability strategy and data systems are available and reliable, it is easier to ensure regulatory compliance. It is difficult to prove compliance if you are missing data or documents.

Reduced Risk – An unplanned outage is one of the most common causes of significant data loss. A high availability strategy makes data more resilient and reduces your risk of experiencing data loss.

 

Key Takeaway

A high availability strategy can help keep your data systems running continuously, even in the face of failures, so your organization can be as productive as possible. This can significantly impact efficiency, revenue and profit, and risk reduction.

It is important to remember that when you set up your highly available systems, you want to make sure that you are using a system that can replicate your data in a way that makes it available for retrieval. The last thing you want is for your company to experience a data outage. What you want to make sure of is that your data is always available and safe.

Protected Harbor is your trusted advisor for architecting and designing a cloud-ready infrastructure for your business to ensure a smooth transition to the public cloud in case that’s your plan. We provide a range of services from server setup to high availability systems, from small businesses to enterprises.

We are passionate about our work and always strive to exceed our customers’ expectations. Get a free high-availability system demo and a free IT Audit today, contact us now.

Major Security Flaw Exposes Twitter Accounts        

Twitter accounts exposed in major security SNAPU

 

Major Security Flaw Exposes Twitter Accounts

Twitter has acknowledged that a bug in its code allowed malicious actors to link accounts with email addresses registered to them, possibly disclosing the identity of their users.

The company late last week revealed the flaw and apologized for the inconvenience stating the issue was remedied immediately.

The vulnerability in Twitter’s handling of unsuccessful log-in attempts was exploited. When a user entered the incorrect password, Twitter used to do one of two things when they attempted to log in using an email address or phone number:

  • Inform the user that they entered the wrong password
  • Display the Twitter account linked to the specified email or phone number (if any exist)

This implied that users of fictitious accounts might have had their identities revealed.

In this post, we will be discussing what exactly happened with Twitter and how you can protect yourself from cyber-criminal.

Also, check out our blog from last week where we talk about Malware hitting millions of android users and the Top 5 Apps You Need to Uninstall Right Now.

 

What Happened?

Countless apps are exposing Twitter’s API keys, giving hackers access to fully take control of those accounts and use them for identity theft or other forms of online fraud.

The information was discovered by cybersecurity experts CloudSEK, who found 3,207 mobile apps leaking both legitimate Consumer Keys and Consumer Secrets for the Twitter API.

Numerous mobile applications have interacted with Twitter, which enables those applications to carry out specific tasks on behalf of users. Consumer Keys and Secrets are combined with the Twitter API to complete the integration. The apps may enable threat actors to tweet things, write and read direct conversations, or do something similar by leaking this kind of data.

A threat actor could theoretically gather an “army” of Twitter endpoints and use them to tweet, retweet, direct message, as well as participate in other methods to spread a fraud or malware campaign.

 

Millions of Downloads

Twitter accounts exposedAccording to the researchers, the questioned apps include radio tuners, e-banking, city transportation, and similar sites, each receiving between fifty-thousand and five-million downloads.

In other words, there’s a good chance that millions of Twitter accounts are in danger as we speak.

All app owners/creators have been informed, but the majority have done nothing to fix the problem—nor even admit to the public that they have been informed of the issue. According to reports, Ford Motors was one of the businesses that quickly addressed the error with its Ford Events app.

The list of suspected apps won’t be made public until other apps address their problems.

Researchers also noted that mistakes made during the development of apps frequently lead to API leaks. Developers occasionally forget to remove authentication keys after embedding them in the Twitter API.

Protected Harbor advises developers to employ API key rotation, which would eventually make exposed keys invalid, to stop these leaks.

 

Final Words

In today’s technological landscape, you must take the proper steps to protect yourself and your family. Keep track of the latest scams and what you can do to keep yourself safe from cyber-criminals. If you feel you have been the victim of a scam, report it immediately.

Experts from Protected Harbor recommend that you:

  • Stay informed about the latest threats and vulnerabilities and keep your software up to date.
  • Don’t click on links from suspicious emails,
  • Don’t download apps from untrusted websites.
  • Change your passwords regularly.
  • Use a VPN when using public Wi-Fi.
  • Uninstall any and all harmful apps immediately.
  • Think before you allow any app permission or access to your files.
  • Enable 2FA (2-Factor Authentication).
  • Use trusted anti-virus software.

Stay vigilant, keep your privacy settings high, and you can keep your accounts secure.

We are giving away a free IT Audit for a limited time. Contact us today for one. Stay updated with the latest news with our blogs and other resources, and keep a keen eye on your social media accounts. Stay Safe![/vc_column_text][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row]

Cyberattacks Against Law Firms

Cyberattacks against law firms

Cyberattacks Against Law Firms

What You Need to Know and How to Prevent Them

As the intensity of cyberattacks against businesses continues to rise, law firms have become one of the cyber criminals’ prime targets. Since law firms manage some of the most confidential data for their clients and have access to an extensive network of potential new clients, they have become far more vulnerable than other businesses.

In response to the increasing frequency and scope of cyberattacks against law firms, cybersecurity and managed services provider Protected Harbor has launched a new security awareness program titled, “Cyberattacks Against Law Firms and How to Prevent Them.

The program consists of two resources: an e-book featuring the top law firm hacks throughout history as well as a whitepaper detailing the cyberattacks against law firms’ and what their trends and threats are. Both versions are free to download!

Now, we will discuss a little bit of background on cyberattacks against law firms and a few quick, various ways you can reduce your organization’s risk to getting attacked.

 

Background on Law Firms and Why They Are Such a Target

Poor cybersecurity is now one of the most significant hazards a legal business can encounter and is no longer only a concern for technology. Major law companies in the US have recently suffered catastrophic cybersecurity breaches that has cost them millions of dollars. Cybersecurity is not just the responsibility of the IT department, it’s instead something that must be covered within the company’s overall policies for utilizing technology within the business or in its services.

A lot goes into cybersecurity, and some businesses are too small to get the complete expertise of IT professionals. Due to the expenditures, medium and big businesses may put off planning for cyber-attacks or assume they won’t be affected which in turn is a huge mistake.

Until recently, law companies were seen as primarily analog in nature. The risk of a cyber breach was typically minimized by attorneys and staff manually tracking client and firm information. But, as businesses embrace innovation and clients want more technologically sophisticated communications and strategies, law firms have made the switch to a more technologically advanced environment and are now more vulnerable to cyberattacks than they were previously.

Law firms, in particular, are viewed as attractive targets for hackers, with numerous high-profile attacks being covered in the media. According to a recent study by the American Bar Association, more than 20% of law businesses reported being the target of a cyber-attack. This percentage was 35% among legal companies with roughly 10 to 49 attorneys. This means that more than a third of small law firms had experienced hacking in some shape or form.

These data breaches are concerning for reasons other than the victims’ embarrassment or the possibility of identity theft. A 2017 study found that the average cost of a data breach outside the US is around $3.6 million, or $141 per record. The amount is considerably larger in the United States at $7.3 million, not to be surpassed.

The consequences of a data breach go beyond the loss of individual details. Trust in the compromised institution can be destroyed by a single breach, a fate which many practices cannot recover. In reality, “almost 60% of [small businesses] forced to cease operations after a cyber assault never reopen for business,” according to a Forbes article.

 

Cyberattacks Against Law Firms small6 Tips to Protect Your Law Firm Against Cyberattacks

  1. Improve Your Security Culture
  2. Implement Basic Cybersecurity Measures
  3. Encrypting Sensitive Data
  4. Proactive Security
  5. Securing Network with Firewalls
  6. Keeping Antivirus Updated is a Must

Download our e-book for free to read in detail the tips on how to protect your law firm and best practices.

 

Conclusion

You must have a plan before cyber criminals attack your law firm. After dealing with a data breach at your legal company, you want to be sure to take immediate action. Consider communications in particular when creating your plan. The best way to prevent your law firm from becoming the next cyberattack victim is to implement a cybersecurity program that includes preventative measures, detection, and response strategies. Instead of having a client accidentally learn the terrible news, the law firm must be the one to deliver it.

Download our e-book Cyberattacks Against Law Firms and How to Prevent Them, which we have created specifically for legal companies. Within this e-book, you will learn about the most common cyberattacks against law firms and how you can prevent them from happening to your company. We also give you access to our e-book library with our most requested titles.

Get started and download today!

Lawyers Getting Hacked:

lawers getting hacked

Lawyers Getting Hacked:

Most Popular Cyberattacks on Law Firms

From the time of their first email to the last signed document, law firms are under constant surveillance from cyber criminals. From phishing scams to ransomware and malicious websites, hackers know exactly where to strike to cause the most chaos. Rather than a once-in-a-blue-moon event, lawyers getting hacked is a commonplace occurrence for many firms. It’s almost as if there’s some hidden, “Get Hacked” switch that nearly all law firms have within them.

If you’re reading this and thinking, “that won’t be me,” you’re wrong. It just hasn’t been you, yet.

We are excited to announce our e-book on Top Law Firm Hacks Throughout History, available to download for free. This e-book will cover some of the most popular law firm hacks throughout history including some you may not have heard of prior.  We will also be providing some advice for avoiding common law firm pitfalls.

Below is a short glimpse into topics you can expect from our e-book.

 

Why are Law Firms an Attractive Target?

Due to the nature of their industry, law firms are becoming a more attractive target. Law firms and in-house legal teams gather a ton of sensitive information, an example such as tax returns can arise during their corporate legal and M&A (mergers & acquisitions) work, litigation, and other legal services. Businesses may suffer reputational and financial damages if they were to ever suffer a breach, especially if their data is compromised. According to a recent analysis from the security company CrowdStrike, average ransomware payouts are above $1 million.

Unfortunately, legal companies are usually more vulnerable compared to other business types. In a report published in May 2020 by the security company BlueVoyant, it was discovered that all law companies were the prime target of focused threat activity, and 15% of a global sample that included thousands of law firms had networks that were already infiltrated.

According to research released in October by the American Bar Association, it was discovered that 36% of legal firms had previously experienced malware infections within their systems and that 29% of law firms had reported a security breach, with more than 1 in 5 admitting they weren’t sure if one had ever occurred.

Robust security measures not being used could be a part of the problem.

Only 43% of respondents utilize file encryption, less than 40% use email encryption, two-factor authentication, and intrusion prevention, and less than 30% use full disk encryption and intrusion detection, according to the 2020 ABA Legal Technology Survey Report.

 

Lawyers Getting Hacked middleLaw Firms as Critical Infrastructure

According to BlueVoyant’s report, the legal sector needs to be included on the list of 16 critical infrastructure sectors maintained by the U.S. government since it relies on networks and data that, if compromised, would jeopardize economic security or public safety. An analysis of cyber threats and vulnerabilities and information sharing with the Department of Homeland Security and other agencies would benefit law firms that handle and store government secrets.

Legal IT services firms may hesitate to disclose information about cyber attacks due to concerns about losing control of sensitive data. Consequently, government agencies may start viewing law firms as potential targets for cyber attacks, necessitating enhanced protection measures.

Regarding ransomware attacks, several factors should be considered by firms. These include employee training in security practices, implementing cybersecurity measures like two-factor authentication and regular software updates, and maintaining backups. In the event of a ransomware attack, firms need a well-defined plan outlining response procedures, negotiation strategies, and decisions regarding ransom payment. It’s also advisable for firms to utilize managed IT services for secure data storage and conduct thorough assessments of service providers.

 

The Most Notable Law Firm Cyber Attacks

We’ve produced a list of the most significant cyber-attacks and cyber-threats targeting law firms to highlight the escalating danger and consequences.

  • Mossack Fonsesca & The Panama Papers
  • JP Morgan Chase
  • Oleras Phishing Campaign Against Law Firms
  • UPMC Patients
  • Moses Afonso Ryan Ltd.

Download our free e-book to read in detail about the top cyber-attacks on law firms.

 

Conclusion

Cybercriminals want access to a company’s data and intellectual property. Many of the most severe attacks directly involve the theft of private information to assist insider trading schemes or to commit theft and extortion of client information from legal firms.

Law firms are tempting targets for hackers. More often than not, law firms don’t take the necessary precautions to protect their data making them an easy target for malicious attacks. Law firms must do everything they can to protect their data starting with reviewing and updating their cybersecurity strategy. This includes everything from the hardware to the software they use within their network. Once they’ve identified the areas that are in need of improvement, they can implement new cybersecurity solutions to keep their data secure.

Download our free e-book today and learn about the risks as well as the most notable hacks in history! This e-book was created by a dedicated team of security experts with extensive experience working within the legal sector to provide some insight and tips to keep your company safe from cyber criminals.

Don’t forget to keep in touch with our blogs for more information and tips on law firms and cybersecurity.

These Cloud Vulnerabilities Will Cause Your Next Data Breach

These cloud vulnerablilities will cause your next data breach

These Cloud Vulnerabilities Will Cause Your Next Data Breach

 

Cyber security is a constant race between businesses and hackers in the digital world. Every new technology has potential risks that must be understood and addressed before implementation. New threats are emerging all the time and cloud computing is no different. Many types of cloud services are being used by businesses more than ever before.

In fact, according to Gartner, private cloud services will continue to grow faster than public cloud services in the next few years. However, some types of clouds are riskier than others regarding cyber security. Several vulnerabilities can expose your company’s data when using any cloud service or Software as a Service (SaaS) application.

This article lists common vulnerabilities you should know about before using any cloud-based system or software.

 

Understanding Cloud Vulnerabilities: Protecting Sensitive Customer Information

As businesses increasingly turn to the cloud for their computing needs, it’s important to consider the potential vulnerabilities of storing sensitive customer information in a shared infrastructure. Cyber attacks are a constant threat, and unauthorized access to personal data such as social security numbers, financial information, and other sensitive information can lead to identity theft and other serious consequences.

Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) are two popular cloud computing services businesses use to store and access their data. While the cloud offers many benefits, knowing the potential risks is important. Cloud providers are responsible for securing the underlying infrastructure and providing secure cloud access. Still, businesses are responsible for securing their own data and applications that run on top of the cloud infrastructure.

One way to protect sensitive customer information is by using a hybrid cloud model, which allows businesses to keep some of their data in a private data center while still taking advantage of cloud computing resources. This approach can provide additional security and control over customer data.

Another important consideration is the use of virtual machines in the cloud. Virtual machines can help isolate applications and data, limiting the impact of a potential cyber attack. It’s also important to implement access controls and encryption to prevent unauthorized access to sensitive information.

 

Public Exposure

The oldest blunder in the book is setting up a new cloud resource but leaving it entirely insecure and publicly visible. Your unprotected public assets will almost certainly be found because hackers today frequently use automated tools to scan target networks for any exposed assets.

By 2022, nearly 50% of businesses would unknowingly or accidentally have some IaaS storage devices, networks, apps, or APIs directly exposed to the public internet. This number is up from 25% in 2018.

 

Excessive Permissions

Fast company operations are one of the main advantages of switching to the cloud. However, access credentials are routinely distributed hurriedly and needlessly in the interest of expediency, resulting in many individuals having excessive permissions for which they have no business need for. If any of those credentials end up in the wrong hands, attackers would have unrestricted access to private information.

By 2023 (up from 50% in 2020) 25% of security breaches will be due to improper handling of login credentials, identities, and privileges, predicts Gartner.

 

Cloud Vulnerabilities middleLack of Multi-factor Authentication for Privileged Users

One of the most typical cloud vulnerabilities is the absence of Multi-Factor Authentication (MFA) for users assigned to privileged administrative positions in control. Access for privileged users must be as secure and feasible in any cloud environment. A company may suffer severe repercussions if a fundamental security measure like MFA is not enabled.

It is straightforward for malicious actors to exploit privileged accounts without MFA being enabled. These accounts are vulnerable to brute force assaults due to lacking MFA. Hackers can use these accounts to entirely disrupt an organization’s operations and steal its data because they often have high administrator permissions.

 

Insecure APIs

APIs, or Application Programming Interfaces, are frequently used to simplify cloud computing. APIs make it very simple to share data between other apps, improving convenience and efficiency. However, if they are not secured, this can lead to multiple cloud vulnerabilities and become an easy entry point for malicious attackers.

Threat actors can launch DDoS assaults and obtain access to sensitive company data by taking advantage of unsecured APIs while remaining unnoticed. In fact, by 2022, API abuses are anticipated to overtake other attack methods as the most popular, according to Gartner data.

 

Final Thoughts

If companies using the cloud do not consider limiting the dangers that accompany it, they are taking a preventable yet significant risk. The IT processes teams use to develop and deploy applications in the cloud infrastructure must be well integrated into a company’s strict cloud security rules.

The use of cloud computing has changed how businesses and hackers operate. Both new opportunities and threats related to cloud security have been introduced. Enterprises must continuously address the dangers and difficulties associated with cloud security while implementing the appropriate security technologies to facilitate operational work.

It’s essential to understand the potential vulnerabilities so that you can mitigate them. Suppose you have any concerns about your current cloud environment. In that case, you can consult with a cloud consulting company like Protected Harbor to help you assess the risks and implement practices to avoid data breaches.

Protected Harbor‘s cloud security solution integrates the latest security technologies with your cloud infrastructure. Businesses can take advantage of cloud computing’s capabilities with the right technology and the help of cloud security specialists.

We have researched and created an e-book for companies looking to migrate to the cloud. This e-book helps them to understand better the benefits as well as the risks that come with cloud migration so that they can plan. Get your free copy of the e-book today!

Microsoft Teams Blows Up: Thousands Of Users Unable to Access Microsoft Teams App

microsoft teams blows up thousands of users unable to access microsoft teams app

Microsoft Teams Blows Up: Thousands Of Users Unable to Access Microsoft Teams App

 

On Thursday morning, Microsoft Teams went down, making the Teams app unavailable to thousands of users. Moreover, most business users were unable to log in with their organizational accounts and access their private chat messages and files. In a statement confirming the outage, Microsoft said it was looking into a problem where users could not access Microsoft Teams or use any of the app’s functions.

 

Update

July 21 – After an hours-long outage affecting tens of thousands of clients worldwide, Microsoft Corp.’s (MSFT.O) MS Teams was back up for most users, the corporation said on Thursday.

A recent software upgrade that “included a faulty connection to an internal storage service” was blamed for the issue by the corporation.

“We’re addressing any residual impact related to this event. Additionally, we are monitoring for any signs of failure until we’re confident that all functions of the service are fully recovered,” the company said on its website.

 

What Happened?

According to the outage monitoring website Downdetector.com, Microsoft’s Teams app was inaccessible to more than 3,000 users.

Microsoft’s official account tweeted that it has received from users who were unable to use any features or access Microsoft Teams. The IT giant added that it is looking into the matter.

The Redmond, Washington-based company traced the outage to “a recent deployment that featured a failed link to an internal storage service.” However, it did not specify how many people were impacted.

Businesses use MS Teams extensively because it allows employees to organize their workflow, communicate internally, and send messages to one another.

According to Downdetector.com, which analyzes outages by collecting status updates from sources, including user-submitted faults on its platform, more than 4,800 customers reported problems with Microsoft Teams on Wednesday.

According to Downdetector, there were more than 1,457 affected users. Additionally, the site monitoring company revealed that more than 150 instances of users claiming problems with Microsoft Office 365 occurred.

Microsoft Teams outage middleMicrosoft tweeted that it had determined the downstream effects of Teams integration on several Microsoft 365 services, including Microsoft Word, Office Online, and SharePoint Online.

“We’ve taken action to reroute a portion of traffic to provide some relief within the environment,” it said.

As the demand for remote business-oriented teleconferencing and messaging tools surged and became a crucial component for organizations during the COVID-19 pandemic as people worked from homes, Microsoft stated in its earnings call in January that Teams had surpassed 270 million monthly active users.

A nearly six-hour long outage at Meta Platforms in October prevented millions of users from accessing WhatsApp, Instagram, and Messenger, among other major digital companies that have also had outages in the past year.

 

Final Thoughts

It is unlikely that Microsoft will bring significant changes to Teams in the immediate future. It’s an excellent opportunity for you to take a closer look at the product to see if it’s a good fit for your organization.

Protected Harbor enables your company to securely collaborate and share information with employees, customers, partners, and suppliers with enterprise-grade security, compliance, and reliability. You will get a secure environment where your information is protected, and your team can communicate with each other without worrying about data security. You can now manage all your files, documents, and data securely.

With advanced compliance settings and auditable record keeping, you can control who has access to what information and meet regulatory requirements. You can also retain control of your data through encrypted backups and the ability to export information when necessary. With a single sign-on, you can access files from anywhere and invite others to collaborate with you. So what are you waiting for? Contact us today for a free demo.

Eye Care Leaders Data Breach Caused by Cloud EHR Vendor. Don’t be the Next.

eye care leaders data breach caused by cloud ehr endor dont be the next

 

Eye Care Leaders Data Breach Caused by Cloud EHR Vendor. Don’t be the Next.

Data Breach Caused by Cloud EHR VendorThe databases and system configuration files for Eye Care Leaders, a manufacturer of cloud-based electronic health record and practice management systems for eye care practitioners, were recently hacked.

What Happened

The breach reportedly compromised the organizations’ cloud-based myCare solution, with hackers obtaining access to the electronic medical record, patient information, and public health information (PHI) databases on or around December 4, 2021, according to breach notification letters provided by some of the affected practices. The hacker then erased the databases and system configuration files.

When the breach was discovered, the company promptly locked its networks and initiated an investigation to avoid additional unauthorized access. That investigation is still underway, and it’s unclear how much patient data was exposed. However, it’s possible that sensitive data was seen and exfiltrated before the database was deleted. Patients’ names, dates of birth, medical record numbers, health insurance information, Social Security numbers, and personal health information regarding care received at eye care offices were all stored in the databases.

More than 9,000 ophthalmologists use the Durham, NC-based company’s products. It’s unclear how many providers have been affected at this time. Summit Eye Associates, situated in Hermitage, Tennessee, has revealed that it was hacked and that the protected health information of 53,818 patients was potentially stolen. Evergreen Health, a Kings County Public Hospital District No. 2 division, has also acknowledged that patient data has been compromised. According to reports, the breach affected 20,533 people who got eye care at Evergreen Health. The breach has been confirmed by Allied Eye Physicians & Surgeons in Ohio, which has revealed that the data of 20,651 people was exposed.

The records of 194,035 people were exposed due to the breach at Regional Eye Associates, Inc. and Surgical Eye Center of Morgantown in West Virginia. Central Vermont Eye Care (30,000 people) recently reported a data breach affecting EHRs. However, HIPAA Journal has not been able to establish whether the cyberattack caused the data loss at Central Vermont Eye Care on Eye Care Leaders.

 

Confidential Information Exposed

In this distressing incident, Eyecare Leaders, a prominent eye care technology company, experienced a severe data breach, compromising the sensitive patient information of numerous Retina Consultants of Carolina patients. The breach has raised significant concerns about the security and privacy of patients’ medical records and personal data.

Eyecare Leaders, known for providing comprehensive technology solutions to eyecare practices, play a crucial role in managing and safeguarding sensitive information within the healthcare industry. However, this breach has exposed vulnerabilities within their systems, potentially leading to unauthorized access and misuse of patient data.

The breach, possibly a ransomware attack, highlights the pressing need for robust cybersecurity measures in the healthcare sector, urging organizations like Eyecare Leaders to strengthen their data protection protocols and mitigate the risk of future breaches. Meanwhile, Retina Consultants of Carolina patients are advised to monitor their accounts, remain vigilant against potential identity theft, and seek guidance from healthcare providers to ensure the security of their confidential information.

 

Update

Over the last two weeks, the number of eye care providers affected by the hack has increased. The following is a list of eye care practitioners who have been identified as being affected:

Affected Eye Care Provider Breached Records
Regional Eye Associates, Inc. & Surgical Eye Center of Morgantown in West Virginia 194,035
Shoreline Eye Group in Connecticut 57,047
Summit Eye Associates in Tennessee 53,818
Finkelstein Eye Associates in Illinois 48,587
Moyes Eye Center, PC in Missouri 38,000
Frank Eye Center in Kansas 26,333
Allied Eye Physicians & Surgeons in Ohio 20,651
EvergreenHealth in Washington 20,533
Sylvester Eye Care in Oklahoma 19,377
Arkfeld, Parson, and Goldstein, dba Ilumin in Nebraska 14,984
Associated Ophthalmologists of Kansas City, P.C. in Missouri 13,461
Northern Eye Care Associates in Michigan 8,000
Ad Astra Eye in Arkansas 3,684
Fishman Vision in California 2,646
Burman & Zuckerbrod Ophthalmology Associates, P.C. in Michigan 1,337
Total 522,493

Data Breach Caused by Cloud EHR Vendor smallProtected Harbor’s Take On The Matter

There are more than 1,300 eye care practices in the United States alone. And with more than 24 million Americans affected by some form of visual impairment, the demand for eye care services continues to grow.  In response to these growing needs, we have seen an increase in cloud-based electronic health record management software solutions to streamline operations while increasing efficiency and security.

Unfortunately, this also means that cybercriminals see the eye care industry as a prime target for hackers because their information is so sensitive and accessible. That’s why you must know which cloud EHR vendors were hacked recently.

Protected Harbor’s 5 ways to prevent unauthorized access to your company data:

  1. Strong Password Policy– Having your users add symbols, numbers, and a combination of characters to their passwords makes them more difficult to crack. Having a minimal amount of characters and changing it periodically (every 60 or 90 days) ensures that outdated passwords aren’t reused for years, making it much easier to get unwanted access to the account.
  2. MFA– Multi-factor authentication is a great approach to ensure you only access the account. You will need another device (usually your mobile device) nearby in addition to your usual login and password since you will be required to enter a code that will be produced instantly.
  3. Proactive Monitoring- Preventing unauthorized access is the initial step, but monitoring login attempts and user behaviors can also provide insight into how to prevent it best. For example, if you have logs of failed login attempts for a single user. You can launch an inquiry to see whether the user merely forgot their password or if someone is attempting to breach the account.
  4. IP Whitelisting- IP Whitelisting compares the user’s IP address to a list of “allowed” IP addresses to determine whether or not this device is authorized to access the account. If your firm only uses one or a limited number of IP addresses to access the internet, as is usually the case, you can add a list of IP addresses that are granted access. All other IPs will be sent to a page that isn’t allowed.
  5. SSO (Single Sign-On)- If your firm has a centralized user directory, using it to acquire access makes things more accessible and more manageable for you. You’ll have to remember one password, and if something goes wrong, your network administrator can deactivate all of your applications at once.

Richard Luna, CEO of Protected Harbor, stated: Unfortunately, this is how things will be in the future. The development tools used to create websites and mobile applications were created in the 1990s. Data transferability, or the ability to move data from one device to another, was a critical concern back then. The emphasis back then was on data proliferation. FTP comes to mind as a secure method with no encryption. Authentication was designed for discerning between good actors, not to harden data and protect against data theft because all data exchanges were between good actors back then. Now that we live in a different environment, we may expect more data breaches unless security is built into data transfer protocols rather than bolted on as an afterthought.

We’ve been helping businesses respond to these attacks for some time, including ransomware attacks and cross-pollinating destructive IP attacks across numerous access points and multiple AI use. If a company has 50 public IPs and we’re proactive monitoring the services behind them, and a bad actor assaults one of them, ban them from all entry points in all systems, even if it involves writing a synchronized cron job across firewalls or other protection devices. Add in artificial intelligence (AI) and comprehensive application monitoring, and a corporation has the tools to detect and respond to such threats quickly.

Final Thoughts

Data security isn’t a one-time or linear process. You must invest in software vendors, ongoing resources, time, and effort to ensure data security against unwanted access.

Cybercriminals are becoming more sophisticated every day, and they are employing cutting-edge technologies to target businesses and get illicit data access.

As the number of data breaches rises, you must become more attentive. It’s critical that your company implements concrete security measures and that each employee prioritizes cybersecurity.

If you’d want us to conduct an IT security audit on your current security policies, we’ll work with you to ensure that you’re well-protected against unauthorized data access and other cyber risks. Contact us today!