There was a hugely popular commercial in the early 2000’s based around the concept of two guys, one who was prone to huge vulnerabilities, and the other who never had to deal with that problem. The commercial? Windows vs Macintosh, at that point already an old debate. In the commercial, it was claimed that Macintosh computers were less likely to have to deal with viruses than Windows computers. While the debate mainly comes down to cost, software and preference these days, the claim about Macs having fewer viruses was largely true at the time.

Today, this is no longer the case. Macs deal with viruses, ransomware and hacks at the same rate as Windows do. The reason that they didn’t deal with attacks as often was simply because they did not have the same level of market penetration as Windows, and the time to develop attacks was not yet worth it. It is the same situation today with smart devices in workplaces, as well as the myriad of “smart” Wi-Fi enabled tools and devices that can be connected to using Bluetooth. Where it might not have been a large vector of attack a few years ago, that is no longer true.

The Danger for Remote Workers

According to a study conducted by UTSA cybersecurity researchers, attacks on devices other than computers (smart thermostats, bulbs, cameras, home devices etc.) nearly doubled during the first months of the pandemic compared to the period before the pandemic started. According to their research, up to 9 in 10 smart devices send unencrypted information that can be intercepted by hackers. With more people working from home, this represents a real risk that their computer could become infected, especially if it is not properly protected. This is one of the reasons it is so important to have a cybersecurity plan in place. These attacks can jump from an employee’s laptop on to work servers, at which point they can deal a huge amount of damage. 

The Danger for On-Site Workers

It’s not just homes, either. Forescout Technology recently released a report that shows that smart devices from over 150 manufacturers might have vulnerabilities that can be exploited. Besides consumer devices, affected systems include office routers, medical equipment, and critical infrastructure that is used widely—including in water and power plants. Some of their recommendations included making sure that critical systems were not connected to the internet and ensuring that they could not be connected to by anyone off-site. They also recommended using measures to limit who has access to these devices and to keep them separated from your network.

Why Smart Devices Are Vulnerable

Generally, smart devices focus on solving problems they think consumers might have. They do not generally spend a large amount of time focusing on security, and as a result can have sloppy security programming. While some of them might make use of open-source software (which can be its own double edged sword), even more of them use systems that are completely proprietary, meaning that you won’t know of a potential attack vector until it already happens. All of these issues only multiply when there are no defensive measures in place. 

If you are currently unsure about devices that you have in your office, contact us today to schedule a cybersecurity review to see where you might be vulnerable!

IT Consulting Service & IT Support in Austin, Texas

If you are interested in finding a reputable managed IT Service company in Austin, Tx, look no further. tekRESCUE provides each company in Austin that we work with specialized IT service for their businesses. Having someone to turn to in Austin for IT consulting can give your company the edge it needs to be more competitive with your targeted audience.

When “2001: A Space Odyssey” made its debut in 1968, the idea of a computer that could interact with us to serve our needs seemed like a far-off fantasy. In 1999, Disney Channel came out with a cheesy movie, aptly named “Smart House”, about a home programmed with AI to be a surrogate caretaker. The main plotline in both of these movies is ultimately that the AI grows ever more conscious and eventually decides to turn violent. While obviously it is highly unlikely that your Alexa will devise a way to kill you, that doesn’t mean that using smart devices in every situation is completely safe. We’ll discuss some of these dangers below.

Why You Should Be Cautious About Smart Devices

There’s a joke in the IT community that those with some or a fair amount of experience with computers will have Nest on their door, or Ring cameras throughout the house, smart lights, an Alexa in every room, a smart thermostat, electronic locks, tons of devices that can be controlled through Bluetooth, and many parts of their house equipped with smart equipment. IT professionals tend to know how dangerous all of these are and will stick with just a 2004 printer, control for media devices only through a protected Wi-Fi, and their trusted devices. Otherwise, they will completely avoid smart devices. While this is not always true, there is a level of truth to it.

One of the primary dangers associated with smart devices is that they can be externally controlled and accessed. This will represent different dangers depending on what specific type of tool it is that you are using. For example, something as seemingly innocuous as a smart utility system may transmit its network information unencrypted, or it may allow access to your general internet of things. The internet of things is all of the devices that you have in your house that are connected to each other and the network. While this can be very convenient, it can quickly turn into a nightmare if a hacker gains control of your connected devices.

How Hackers Can Take Advantage of Smart Devices

Some hacks can make use of access to any single device with network connection to gain access to your network. From that point, the vulnerability would come from the fact that there are attacks that only need access to your network to ultimately read packets sent to your router and potentially gain access to your computer. Once they can access your computer, they will be able to read all unencrypted information (and even some of the encrypted information), potentially gaining access to your laptops and planting a keylogger from there. Once that is done, it would be possible for the hacker to gather all your banking, social media, network, and personal identifiable information. This could all be used for purposes like ransomware, identity theft, data sales or for infecting and adding your computer to a botnet. 

A Real World Example

As an example, an ABC affiliate in Cleveland showed how easy this could be done. An ethical hacker that they hired used a discarded smart bulb to gain access to someone’s network passwords, allowing him to intercept data that the user sends to the router using a device that only cost $15. Using common passwords, he also gained access to another neighbor’s thermostat and smart utility system. Besides harassment, a professional thief monitoring this long enough could eventually find out when they had gone out of town and use that opportunity to execute a robbery.

Key Takeaways

Hopefully now you are aware of some of the dangers of using smart devices and other Bluetooth/Wi-Fi enabled tools in your home. While these devices can be convenient, they can present a golden opportunity for hackers to access your sensitive information. If you do end up buying smart devices, be sure to give each device a strong, unique password and make your home network as secure as possible. A little bit of precaution can go a long way towards lessening the danger these devices present.

With the recent high-profile hacks that have been reported on by major media outlets, cybersecurity has taken a larger place in the public conscious than ever before. While some of these hacks were perpetrated by foreign governments against other governments, others were carried out by and against private organizations. In rare cases, these hacks were successful because someone was able to exploit existing security measures to gain access to publishing code and implement exploits from there. More commonly, however, these attacks were carried out via a much more simple approach: social engineering. Below, we’ll discuss how social engineering hacks play out, what they mean for your company, and what you should be aware of moving forward as a business owner.

What Is Social Engineering?

Social engineering is common tactic criminals use to gain access to organizations and their data. Instead of exploiting or cracking security measures, social engineering relies entirely on eliciting someone’s trust, using personal information to manipulate someone, or using an individual’s information to manipulate security measures. Through these methods, an attacker can gain access to emails, server logins, system accounts and general data—both customer and financial. Sometimes, the criminal will use social attacks to gain access to a network or database and insert malicious code to accomplish their ends.

What Does This Mean for My Company?

It means that while not all of your employees will need to have the tech literacy of an IT professional, they will need to be able to recognize the basic forms of social engineering attacks to avoid them in the future. This can be accomplished through training and reports based on potential outcomes. Employees should know best practices to avoid falling victim to a social engineering scheme, and they should understand how devastating the consequences can be for the company if they do fall victim.

What Should Someone Be Aware of as Possible Avenues for Attack?

Far and away the most common route in which someone will hack you through manipulation is via email. Some dangerous emails will look official, and some will not. Watch out for subject lines such as, “Your account has questionable activity on it”, “4th of July Hotel Deals”, “Large Corporation Monthly Bill Change Update”, and other emails that do not seem personal in any way. It is all a numbers game, and the numbers will always be in the attackers’ favor if your company isn’t prepared.

You will also want to make sure that you have the proper systems in place to ensure compartmentalization and the sterility of both office networks and business data. Attacks can happen in many ways, which means that your entire business is only as strong as its weakest link. This is especially true in a work from home environment, but it extends beyond that. If one employee gets a virus on her phone that allows access to her email, that could be all that is needed for an attacker to gain full access to the company’s systems.

For example, imagine an employee who gets a virus on their personal laptop through social media. This employee has a dedicated computer for work, but they sometimes bring their personal laptop in to the office for personal use. All that is needed is for this person to connect the infected laptop to the office network, and they could potentially infect the entire network and all devices connected to it. An interconnected network full of different devices also means that if something as simple as a printer with Wi-Fi gets infected, then without a proper cyber security plan in place you could be at risk of a total hack or ransomware. Making sure that any unapproved network access does not cripple the entire company is just as important as avoiding threats in the first place.

What Should We Do to Prepare?

If some of your employees are working from home, it’s important to institute security policy—potentially one that limits any activity that could expose them to viruses on their machine. Alternatively, a policy could be built around each individual device. It is important to run monthly tests and have reports, which are both something a cybersecurity professional can help you with. As mentioned above, another important aspect is educating your employees so that they know what scams look like and how to avoid viruses on their work computers. It may also be worth it to implement a network for personal devices and another for work devices. This way, if someone’s phone gets infected, it won’t end up infecting coworkers’ devices and by extension their user accounts.

If you’ve never been hacked before, you might think, “Come on, would hackers really target me or my business?” And the answer is yes they would. Data shows that cyber attacks are extremely common and can happen to any business or website. These attacks result in huge monetary losses more often than not, but having the right security measures in place can go a long way to not only minimize the damage of a successful attack but also deter attackers in the first place.

Below, our San Marcos managed IT service experts take a deeper look into the many reasons why full stack cyber security is essential for any business in today’s age where serious cyber attacks are more common than ever.

1) Costly Attacks Can Happen to Any Business

Understanding the Scale of Cyber Attacks

According to Cybint Solutions, up to 57% of businesses will be targeted at some point with a hack, 62% with phishing and social engineering attacks, and 51% with direct denial of service attacks. And more than that, if you have a website, almost every single website that is listed on Google will have at least attempts made to crack the admin password. Even if this is not a full blown attack, it shows the sheer scale of hacks that currently exist.

Understanding the Costs of a Successful Attack

Up to 43% of businesses were the victim of a successful breach within the last year. When it comes to small and medium sized businesses, the average successful data breach will cost 2.2 million dollars. And while this is an average figure, and some cost significantly less and some cost tens of millions, the cost of each breached record can cost a company up to $300 in lost clients, restitution, data security cleanup and more, both according to IBM. 

2) Security Measures Make a Real Difference

Minimizing the Damage of an Attack

With all of these negative factors, what can your business do? An IBM report also looked at the cost of all businesses that were hacked, and the average hack resulted in losses of more than $5.2 million. With a response team in place and encryption set up by a cyber security firm, however, these losses were reduced by nearly $720,000. And by having automated security technologies set up by a team (think AI that defends and scans for hacks and runs automated penetration tests) you can more than half the cost of a data breach to $2.6 million, combined with the savings from having a team in place can lead to severely decreased costs, should a breach be successful.

Deterring Attackers in the First Place

Most hackers are hackers of opportunity. Once they see that your systems are well defended, they will generally decide that it is not worth the effort. So besides the fact that any breaches would be far less likely to be fatal to your business, they are also far less likely and can lead to you not having to deal with it at all in the first place.

3) Many Threats Are Internal

Understanding the Vulnerabilities

Finally, sometimes the largest threats are actually things that exist in your company already. These include things such as unsecured routers, employees with bad tech hygiene, bad systems in place for sharing and exporting data, lack of encryption, out of date software and more. Since all it takes is one of your software or hardware providers to be hacked (say, a manufacturing automation, a point of sales system or a medical billing software), one small vulnerability can potentially lead to catastrophic results when exploited.

Addressing the Vulnerabilities

Having a full-stack company come in will allow the weakest points of entry to be detected and will ensure that it does not get exploited. By having a network that automatically scans for what default traffic looks like, you can detect if a piece of software has become breached and can prevent anything disastrous from happening to your network in the first place. 

Find Managed IT COMPANY Services in San Marcos TX

If you own a business in Central Texas or the Austin area, it’s important to have a full-stack company with a local base who can send technicians on-site as needed. Located in San Marcos, the managed IT services team at tekRESCUE is always ready to help secure businesses of all sizes in the Central Texas area. Contact us today to learn how we can help improve your business’ cyber security.

While the age of the internet has brought on so many benefits and conveniences to everyday life,  it hasn’t been without downfalls as well. With almost everything being digitized, a new realm of danger has also been created in the form of “cyber crimes.” Cyber crime has become a very real threat that individuals, businesses, and agencies alike must defend themselves against. The FBI considers cyber security a high priority, as there has been a collective loss of several billion dollars due to cyber crimes and the repairs needed as a result. To celebrate cyber security month, we put together this outline of types of threats and ways to avoid them! Practicing good cyber security is just as important as locking your doors at night, as both protect the people and things you care most about from outside threats. 

Types of Threats

Unfortunately, there is not just one type of threat when it comes to cyber crimes, and while individuals over the age of 50 are more likely to be the victims of these crimes, there is not one specific targeted people group. Everyone should practice thorough cyber security!

Identity Theft – Because of the high volume of personal information being digitized, it’s easy for a low level hacker to gain pertinent information about you and use it illegally. In the past, someone would need to steal your physical credit card in order to hijack your finances, but now, with online access, this can be done remotely for a cyber criminal. 

Predators – Not only is our private information like banking and criminal records online, we also put day to day information on the internet, sometimes without even thinking about it. Social media, while it can keep us connected and increase networking capabilities, can be a breeding ground for online predators. Almost half of the world’s population uses some form of social media, and over 70% of Americans use social media daily, including children. Some social media sites, like Facebook, allow you to list your age, school, and activities right next to a profile picture of your choice. This, along with our own habit of tagging our locations, often sharing patterns in our daily routines, gives online predators a road map into our personal lives. 

Phishing and Ransom – Email has always been one way for hackers to infect your computers making your information vulnerable, and this process has become more and more sophisticated in recent years. Now, these emails look strikingly close to legitimate emails you would want to open from associates, your bank, or even the government. Typically, these emails include a link for you to click, and BAM – you have just been the victim of a phishing scam. 

One of the worst types of phishing scams involves ransomware. This is a type of malware that causes individuals or even entire agencies to lose all access to their database until they pay a ransom to the cyber criminal who orchestrated the attack. Hospitals, police departments, schools, and banks all have very valuable information online that needs to be accessed, so this gives hackers leverage to try and get large sums of money in exchange. For example – most hospitals use digital pads to keep track of patient medical information instead of paper clip boards, so if a phishing scam held that database for ransom, patients lives would be at stake, motivating hospitals to pay money in hopes of getting a decryption key to get up and running again. Any individual or business can be a target for this type of malware, and any unexpected email received should be approached with caution. 

Cyber Security Tips

With all of the potential threats to our personal information online, it is important to practice good cyber security on all platforms. Here are a few tips you can follow to strengthen your cyber security and protect yourself against online predators, hackers, and identity thieves. 

Update Your Software – Your personal devices like your laptop, smart phone, and tablet will regularly have system and software updates available. While sometimes these updates include obvious aesthetic changes to the layout, often times these are small updates that have to do with securing the system. You always want the most recent software update on your devices to ensure your information is secure. 

Use Software Protection – Investing in an anti virus or software protection is huge in fending off cyber crimes. Not to mention, some malware is just damaging to your device all together, so actively using software protection can also prolong the life of your equipment. 

Be Wary of Public WiFi – Using an unsecured WiFi network to access information online can leave you vulnerable to remote hackers. If you must use public WiFi (hotels, airports, coffee shops, etc), avoid logging into sensitive material like banking accounts. Also, if you find yourself needing to use public WiFi often, consider investing into a VPN (virtual private network) which allows you to share and access data on public networks as if it were a private one.  

Up Your Password Game – The average person has over 25 different online accounts that require a username and password. Between work accounts, online banking, social media, insurance records and more, people often find themselves recycling the same few passwords for all of the above. Having unique, personalized passwords for your accounts is a huge factor in your online security. This year alone, over 7 million people utilized “123456789” as a password, and over 3 million simply used the word “password.” Be smart with your passwords, and use a combination of letters, numbers, and symbols that you can remember to protect yourself and your information online!

Don’t Over Share – We aren’t just concerned with your cyber security but your personal security as well! While it might be fun to brag to your friends and family about your upcoming vacation,  by posting a status update on facebook stating you are leaving town for the week, you could be letting a predator know your house is going to be empty. This is especially true if you don’t have a strong vetting process for your friends list or if your profile is set to public. It’s fun to share with your friends and family online, but by making your personal plans or routines aren’t available to the internet world, you might be making yourself vulnerable to less desirable spectators in the cyber world!

Be Smart – There are certain practices you learn to be common sense in the real world like looking both ways before crossing the street, not walking down dark alleyways alone, and avoiding gas station sushi. There are basic common sense practices in the cyber world as well like never sharing any passwords, keeping your social security, banking, and log in info private, not clicking on links in your email from senders you don’t know, and always using software protection on your devices. By following some of these golden rules in cyber security, you can avoid being added to the ever growing list of cyber crime victims.  

Why Trust tekRESCUE’s San Marcos Web Design and IT Experts?

As an all-in-one technology consulting company offering managed IT, website design, and SEO in San Marcos TX, tekRESCUE has experience approaching the topic of cyber security from multiple angles. From setting up the IT infrastructure of local businesses to taking on website design in Austin TX just up the road, our team has hands-on experience not only in network and data security but also in navigating the web space safely. And with experience as an Austin SEO company as well as practicing SEO in San Marcos TX, we have experience in large markets as well as small. Contact us if you have any concerns about cyber security, and we’ll be glad to help!

Network security has been and will continue to be a topic of conversation for businesses large and small. As hackers step up their game and use methods to manipulate, extort, and jeopardize the personal and private information of your clients and employees, our efforts to protect said information also has to adjust, change, and improve. Beyond doing the minimum of achieving HIPAA compliance, you should always be looking to improve your network security ensuring the privacy of every associated part of your business.

Recognize Your Gaps

When it comes to your business’ network security, you do not ever want to be overconfident. You should regularly review your network from end to end. Every computer, server, and device should be regularly inspected as any one of these could open the door for intruders into your network. Vulnerability assessments should be run by a managed IT department in Austin regularly in order to pinpoint any area that might be considered a weakness. This can help identify out of date software, evidence of malware, weak passwords, unusual activity, and more. 

Training

Educating anyone in or associated with your company that might have access to the network on how to properly approach usage is critical in maintaining security. This should be an ongoing aspect of your professional development as standards, softwares, methods, and forms of threat are often changing. Any individual with access should be well aware of the requirements expected of them and also the consequences of failing to maintain a HIPAA complaint network security. 

Outsourcing Network Management

Because of the ever changing technology along with new methods outside hackers could use to put your network at risk, it might be in your business’s best interest to outsource your network security to a company that is specifically dedicated to network safety. Even if you have onsite IT personnel, consider the scope of work and responsibility in maintaining a tightened network security. Especially if you are handling sensitive information, it might be worth your while to hire an outside company to manage it. If you are in the majority of businesses looking to increase their IT security budget, outsourcing the job can also save your company money in the process. Instead of putting additional people on your payroll with required benefits that come along with that, hiring an outside company can alleviate a lot of that pressure for your business while still maintaining a strong and secure network. tekRESCUE is a small business that specializes in cybersecurity in Austin Tx and can be there for you for all of your security needs.

Limit Access Points

Any device that has a connection to your network can be used to contaminate the server, even if done unintentionally. If your business has multiple network users, or even a third party partner, creating a virtual private network can help protect your main database from any weak points that might be created by an infected device logging in. Requiring any user with access to your network to have a company wide malware protection can also create some consistency in your protection as well. Remember, it is your job to prove at least a good faith effort in not only remaining HIPAA compliant but also in protecting your employees and clients from the dangers of outside network threats.

Here at tekRESCUE we specialize in managed IT for all Austin Tx companies! Give us a call today. We would love to hear from you.