I got an interesting email this morning. It was “from” one of the owners of Xiologix – but the return address was a bit odd: “email@example.com” As this unfolded, it became obvious that this was a classic “spear phishing” attack. I’ll run you through the email exchange for entertainment purposes, and then talk about the lessons to be learned here. The original message was short and sweet: Read More
The cyberwar over who will control your PC and the data on it has been dragging on for literally decades, with no end in sight. Malware is big business. It isn’t about just wreaking havoc for the heck of it anymore – it’s about monetization: incorporating your system into a botnet that can then be rented out on the Dark Web, stealing your identity and sensitive financial information, or encrypting your data and holding it for ransom. This latter version, so-called “ransomware,” rakes in tens of millions of dollars annually from its victims, and, as we’ve stated previously, has proven to be one of the most challenging forms of malware to protect against. Read More
No matter your business—whether you’re a startup or enterprise business—if you collect customers financial data, you have a responsibility to safeguard this information.
Verizon recently released its 2017 Payment Card Security Report, which unfortunately shows that too many businesses are not set up to sufficiently ensure the security of payment card data on an ongoing basis.
There were some bright spots in the report. Verizon found that last year, just over 55 percent had full compliance with the Payment Card Industry Data Security Standard (PCI DSS). That’s an all-time high, but work still needs to be done. The report also found that within a year, almost half had fallen out of compliance.
Compliance is undeniably important. Out of the 300 payment card data breaches, Verizon found between 2010 and 2016; none were fully compliant with PCI DSS. But compliance only tells part of the story. Read More
Businesses are always looking for new communication and collaboration solutions to improve employee productivity and support growth. A modern phone system is a good place to start.
Today’s business has the option of Voice over Internet Protocol (VoIP) and a number of virtual systems with various calling features, collaboration solutions and network integration tools wrapped in. But what do you actually need? Read More
Interface Portland 2017 is just around the corner and you have the opportunity to participate in informative, non-sales oriented, educational presentations designed to meet the needs of our IT community. Xiologix has secured excellent speakers who will be available to you for the entire event!
BE SURE TO ATTEND | VISIT US IN BOOTH 117
TUESDAY, MARCH 14, 2017 – AT THE OREGON CONVENTION CENTER Read More
The cyber landscape changed dramatically during the course of 2016 — requiring organizations to kick off the New Year with a fresh perspective on cybersecurity.
So much happened in 2016. Online extortion grew with cases of ransomware threatening entire sections of the healthcare industry, financial services and even San Francisco’s transportation network. Smart devices were recruited to form botnets, taking down sections of the internet in U.S. and Europe. As the digital footprint of business of all types expand, so will the potential attack surface in 2017.
Here are 6 predictions of what lies ahead from our partner Fortinet, and what that means to you.
- Malware will become smarter. We’ve seen malware with “if this, then that” code built in. Expect to see malware a step short of artificial intelligence: While continuing to hide in the networks it infiltrates, it will also make more complex decisions and become more successful the longer it remains in a network. We’ll also see malware start moving across devices and platforms, making it harder to beat than ever.
- The Shadownet will rise. This fall, source code for the program Mirai was published and quickly used to pull together IoT devices into botnets that eventually stalled the internet on two continents. The next botnets won’t be as easily detected. These “shadownets” are in their earliest stages. The success of the attack against domain name infrastructure company Dyn in October 2016 is a harbinger of more attacks of this nature to come.
- IoT will become the weakest link. The current wisdom is that by 2020, 20 billion IoT and endpoint devices will be online, accessing the cloud to make transactions faster for their owners. These devices produced with almost no security and spread throughout the globe created a giant attack surface for hackers to target. The next logical step is to exploit the trust of IoT device owners to use these devices to access information in the cloud. Hacking these devices gives hackers access as well.
- Smart cities will be targeted. Cities are building efficient networks that turn on streetlights, monitor traffic and run emergency systems. These networks are predicted to become high-grade targets for hackers and politically-charged hactivists who’ll look for opportunities to shut down systems and graduate to ransomware.
- Ransom will be just the beginning. Hackers have been targeting healthcare and financial institutions, seeking ransom to unlock seized systems. Now criminals can download entire malware packages in exchange for a percentage of their ill-gotten profits. Expect to see more demands for ransom made upon institutions and high-profile individuals.
- Technology will help close the cyber skills shortage gap. The growing demand for cybersecurity experts has made finding in-house expertise next to impossible, even for companies willing to pay high salaries. Some companies will purchase ready-made firewalls or other devices requiring expertise to implement. The smarter enterprises will hire consultants to help create layers of security technology and who can offer networks of advisors.
Worried about what 2017 may bring? Start with a complementary cyber threat assessment. When you’re ready, Xiologix has the expertise and best-in-class technology solutions to help organizations meet their cybersecurity challenges head-on.