Even Computer Hardware Manufacturers Can Get Hit By Ransomware

Retailers, hospitals and financial institutions tend to be the targets of choice for the hackers of the world. Of course they're not the only targets of ransomware and other online threats. The simple truth is that any company can find itself in the cross hairs of a hacker.

The most recent victim is Taiwanese motherboard manufacturer Gigabyte. In addition to shutting down manufacturing operations in Taiwan the attack also took a number of the company's web-based systems. They include its online support and the Taiwanese website itself.

The investigation into the matter is ongoing. The early indications are that the company fell victim to the RansomEXX strain of ransomware. In addition to locking files on a number of Gigabyte's network devices the hackers made off with some 112 GB of data. The hackers have published portions of this data on their own website on the Dark Web as proof that they were indeed behind the attack.

The Ransom EXX strain has an interesting history. It began life in 2018 as a strain called Defray. For the first couple of years of its life it gained little traction among the hackers of the world. It wasn't used in many high profile attacks.

It seemed to go dormant and re-emerged in 2020 as RansomEXX with a raft of new capabilities. It is not clear whether it was abandoned and picked up by a new hacker group or the original Defray authors used their initial experiments to refine the code. In its current form RansomEXX is a dangerous threat indeed and is capable of infecting both Windows- and Linux-based systems

The group controlling the malware has used it to attack a number of high profile targets in recent weeks, including:

• The Texas state Department of Transportation
• The Brazilian Government
• IPG PhotonicsAnd more.Be on your guard against this one. You definitely don't want to be the hackers' next victims.

Call SpartanTec, Inc. now if you need help keeping your company protected against ransomware and other  online threats.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Coalition Of Big Names Coming Together To Fight Ransomware

If you're worried about ransomware attacks know that help is on the way.

The CISA (Cybersecurity & Infrastructure Security Agency) has announced a partnership with some of the biggest names in tech. The specific purpose of this collaborative effort called the Joint Cyber Defense Collaborative is to put an end to ransomware and other serious cyber threats.

In recent years ransomware has emerged as one of the favored tools of hackers around the world. It allows hackers to profit in two ways from networks they break into. They can sell any data that they collect prior to locking files and they can charge the victim a hefty fee to get their files unlocked.

The collaborative effort has gained global attention and the following companies have joined the government to assist:

• Amazon
• Google
• Microsoft
• Crowdstrike
• AT&T
• FireEye
• Mandiant
• Lumen
• Palo Alto Networks
• And Verizon.

The Collaborative will be expanded as time goes by and will eventually include other companies as well per the CISA. Also note that the CISA is not the sole governmental agency participating in the Collaborative.

The other agencies involved include:

• The FBI
• The Office of the Director of National Intelligence
• The Department of Justice
• The NSA (National Security Agency)
• And US Cybercommand

This isn't a half measure. There is much width and depth of expertise in the two lists above. It is apparent that the Collaborative means business and has the resources to get the job done.

No one is expecting that the Collaborative effort will be able to put an end to cyber attacks. With the capabilities of this group they will undoubtedly be able to make some serious headway. The very existence of the Collaborative may be sufficient to give at least some hackers pause.

This is great news indeed if you're at all concerned about cybersecurity and the threats that hackers around the world pose.

Call SpartanTec, Inc. now if you want to protect your company from ransomware and other online threats.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

What SMBs Need To Know About Cybersecurity Insurance

A cybersecurity incident can be devastating to any company. But for a small- or medium-sized company, an attack can shut down the business. That’s why insurance is becoming a critical component of a comprehensive cybersecurity strategy.

But where do you start to make a choice in plans?

Cybersecurity insurance, often called cyber liability or data breach liability insurance, is a type of coverage that stands alone from other types of coverage. Should a network outage or service interruption be caused by a data breach or other cyber event, it helps the insured recover losses.

Here’s what you need to know to choose the policy that best suits your risk profile and business needs.

• Ransomware is on the rise; but so far, demands have had relatively low dollar figures. Now that hackers know companies will pay to have data returned, price tags will rise.
• Data protection is a priority for businesses as well as regulators, but when a determined hacker exposes that data to criminal elements, that business is now out of compliance. Fines and penalties may rise as the threat continues.
• Smaller businesses, it is presumed, will not spend the same on security as larger companies, and are perceived as a softer target by hackers. This view is self-fulfilling: If more attack because the target is perceived as weak, the target will find itself under attack more often.
• Hackers will grow more sophisticated, using viruses that are harder to detect, adapting open source malware they can purchase online, and in some cases, assume the identities of company players and wreak very expensive havoc.

What do you pay for with a cybersecurity insurance policy?

The policies for cybersecurity insurance are different from general liability or property plans because the prices and exclusions for this type of coverage vary much between insurers. But the cost is high in part because the cost of a breach is high and includes ransomware payouts, compliance penalties, breach remediation and reputational loss.

How to Minimize Costs of a Cybersecurity Breach

There are two best ways to avoid all these costs — the first being to deploy an advanced cybersecurity platform, one that has a “security fabric” or layers of protection, so threats that slip through the first layer can be stopped or slowed at subsequent layers.

The second is to make insurance part of that plan. Start with risk assessment with an expert who knows security. Take advantage of companies like Fortinet, a VLCM partner, and its free online cyber threat assessment program.

You’ll need to carefully review financial and customer data, and know if they are high- or low-risk. You’ll also need to know where you’re vulnerable, and that’s where an expert can help.

Remember, insurance alone is not enough to protect your business from the harms of cyber crime. Most policies will not cover intellectual theft — stolen plans, software code, or other property that is unique to your business. Insurance often cannot cover reputation or customer loss, because that cannot be charted on an actuarial table.

 

Your insurance needs to be coupled with strong cybersecurity controls and best practices.  SpartanTec, Inc. can deliver the advantages of multiple layers of protection. Contact us.

 

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Older Industrial Technology May Have Security Risks

The vulnerability of Industrial Control Systems has been getting a lot of press in recent months. That's a good thing because most people don't spend much time thinking or worrying about such systems. Unfortunately they are among the most vulnerable systems of all.

Industrial Control Systems haven't really changed all that much in the past decade or two. The protocols they use are fairly rudimentary by today's standards. It's no surprise that they are a fair bit more vulnerable than more modern and robust systems.

Researchers at Forescout Labs and JFrog Security recently underscored this fact by highlighting fourteen different security flaws found in the protocols commonly used by Industrial Control Systems.

They've dubbed the set of flaws "Infra:Halt". As that name suggests these exploits can bring broad swaths of the nation's infrastructure to a screeching halt. That is if hackers make use of the exploits and most security experts agree is just a matter of time.

Forescout wrote extensively about each of the fourteen exploits on a recent blog post.

Daniel dos Santos (research manager at Forescout) had this to say about the risks:

"When you're dealing with operational technology, crashing devices and crashing systems is something that can have various serious consequences. There are also remote code execution possibilities in these vulnerabilities, which would allow the attacker to take control of a device, and not just crash it but make it behave in a way that it's not intended to or use it to pivot within the network."

This is a serious threat indeed. Fortunately patches that address many of the cybersecurity vulnerabilities are currently available.

If your business is in any way connected to the sale or maintenance of Industrial Control Systems the researchers urge immediate upgrades. Upgrades will patch the currently known vulnerabilities in order to minimize risk.

Call SpartanTec, Inc. now if you need the help of IT support experts in minimizing the security risks to your company.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

The Basics of Outsourced IT Support

Outsourced IT support involves putting your trust in a managed IT services provider to take care of all the IT needs of your business.

It includes cybersecurity, IT infrastructure, network monitoring, disaster recovery, IT infrastructure, and cloud migration.

Outsourced IT support goes beyond contacting a technician to fix a disconnected server or a broken computer. It is about creating a partnership with a reliable managed service provider to monitor as well as protect your digital infrastructure and your data. Such a partnership goes beyond band-aids and quick fixes and will work constantly to check up on your network in order to neutralize the threats even before they happen.

What Advantages Does Outsourced IT Support Offer?

Savings as well as Predictable Budgeting

If you outsource the IT support of your company, you can save a large amount of cash. The cost of hiring a full-time staff for your professional IT team, creating your firm’s own internal IT services, as well as operations are a lot higher than working with an MSP. As a matter of fact, research revealed that the increase in the IT outsourcing of about $96.14 million resulted in an average of about $121.14 million decrease in the operating expenses in IT as well as other non-IT functions such as administrative costs and sales.

 

  Call Now   

 

Outsourcing IT support could also assist you in managing your IT budget. Instead of paying to repair problems as they come or replace equipment when they break, many managed service providers will charge a flat monthly rate and assist you in developing a yearly technology budget in order to save you money and time over time.

Professional Reliability and Expertise

No one person can cover all of the skills as well as sectors in the field of IT. By having an internal IT staff, you are depending on them to take care of different services. These services span from cybersecurity to network monitoring to cloud integration to technology deployment. If you outsource your IT support, your managed service providers will bring a diversified IT team who can work across various industries. Instead of having an internal staff who are stretched thin in different IT areas, your managed service providers could assign a qualified professional from their team that specializes in the skill that’s required for the task.

Another huge benefit that you will enjoy when you outsource your IT is reliability. With an internal employee, your projects and IT service could be disrupted by employees who are on sick leave, PTO, or leaving the firm, which will put a strain on your company resources. With IT outsourcing, you don’t have to worry about a period of higher risk or a break in your service.

Reduced Risks of Cyberattacks or Downtime

Outsource your IT support to a trustworthy managed service provider so that you don’t have to worry about a compromised operational technology. If you have a professional team of IT support on your side, you can lower the possibility of server downtime or cyberattacks that could lead to a data breach.

Call SpartanTec, Inc. now if you're looking for a reliable provider of IT outsourcing services.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

This Malware Can Take Control Of Facebook Accounts

Do you have a Facebook account? Even if it has been a while since you last logged on there is a new threat you should be aware of. A new strain of malware called FlyTrap was used recently to take control of thousands of Facebook accounts. Yours could be next if it hasn't been compromised already.

FlyTrap is an Android-based malware strain that works by stealing cookies. It relies on a few basic social engineering tricks to lure unsuspecting victims to using their Facebook credentials to log into a malicious app. The app harvests the login data allowing the hackers to reuse it later.

This malware strain is so dangerous because of the fact that many people make regular use of their Facebook login credentials as a quick and convenient way to log into a variety of other sites. That is even if they haven't actually been on Facebook in a very long time.

Essentially that means that those users are reusing the same password across a great many sites on the web and once the hackers have your Facebook credentials they can, of course, log into any site you've used them on.

 

Call Now

 

According to cybersecurity researchers, the hackers controlling FlyTrap have been running campaigns since at least March of this year (2021). They're offering highly attractive incentives like Netflix coupons to lure unsuspecting victims to hand over their credentials.

If you see an offer that looks too good to be true ("Login here with Facebook to claim 3 free months of Netflix!" for example) then steer clear. It's entirely possible to find legitimate and completely safe offers like that on the web. All too often it's a trap with means to deny you control over your account. Don't fall for it.

Call SpartanTec, Inc. now if you need help in protecting your company against cybersecurity attacks.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

New Mac Device Malware Is Bypassing Apple Security

Apple is generally very good about providing its users with a safe and secure computing environment. For many years the company was able to rightly claim that Microsoft had a far worse problem with malware than Apple did. That is still true but the gap has now virtually disappeared. As Apple products surged in popularity hackers took note and began finding ways around Apple's impressive security measures.

Researchers at Trend Micro have recently discovered a malware strain they've dubbed XCSSET which is especially good at bypassing Apple's security measures.

Most applications are run in an Apple Sandbox so that their ability to gain access to system information or compromise a component in some way is sorely limited. Hackers have discovered at least a partial workaround that gives them access to some of a user's sensitive data where certain apps are concerned.

XCSSET works by creating a simple text file on a victim's computer.

This text file is keyed to certain apps, including:

• Telegram
• Google Chrome
• Contacts
• Opera
• Skype
• WeChat
• Evernote
• And others

The text file is created in the sandbox and simply logs everything that happens in it. All a hacker needs to do to gain access to a user's Telegram account is to copy and paste the log file onto their own computer and all of the relevant login information is right there.

 

Call Now

 

The same holds true for all of the software listed above. Note too that in the case of Google the log file will contain any passwords that Chrome saves inside the browser. If you use Chrome as your primary browser and log into your bank, make credit card payments, and the like, then all of those accounts would be at risk.

XCSSET is a genuine threat. Stay on your guard against it and make sure your employees are aware of the risks.

People also ask

Can Apple be infected with malware?

Yes, Macs can get viruses. Sadly, your MacBook, iMac, or Mac Mini can all get infected with malware. Macs are less vulnerable than Windows computers, but viruses and hackers can successfully attack them too.

 

https://clario.co/blog/can-macs-get-viruses/

Does Apple have a malware scanner?

While your Mac can definitely be infected with malware, Apple's built-in malware detection and file quarantine capabilities are meant to make it less likely that you'll download and run malicious software. Apple introduced malware detection to the Mac OS with Snow Leopard (Mac OS 10.6).

How to check your Mac for viruses | Macworld

 

How do you know if your Mac is infected with a virus?

Signs your Mac is infected with Malware

1. Your Mac is slower than usual. ...
2. You receive security alerts without scanning your Mac. ...
3. Your browser has a new homepage or extensions you haven't added. ...
4. You are bombarded with ads. ...
5. You can't access personal files and see a ransom/fine/warning note.

https://clario.co/blog/how-to-tell-if-mac-is-infected/

 

Call SpartanTec, Inc. now and let our team of IT experts protect your network and business against malware and other types of cybersecurity threats.

 

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence