by Felicien | Feb 4, 2019 | Education
In Australia, citizens fear a terrorist attack or another national emergency just as much as the next country. For this reason, Australia has what’s called the Early Warning Network or EWN for short. Recently, a hacker was able to breach this system and took it over. The result was terrible in that it caused widespread panic. But it was also catastrophic in that it lessened the confidence Australian citizens have in their Early Warning Network system.
A Breach of Australian National Security
The breach of the EWN occurred on January 5, a Saturday evening. Hackers had somehow breached the EWN system and sent out an unauthorized alert to thousands of Australian citizens. Today, experts at the EWN have confirmed that their system was hacked. They say that an unauthorized individual somehow obtained login credentials for the system. Some of the EWM’s customers received a spam notification. The notification went throughout the entire country of Australia.
The notification read:
“EWN has been hacked. Your personal data is not safe. Trying to fix the security issues.”
Also in the message was an email address. The email address was alongside a prompt that users could unsubscribe to the EWN service. In addition to being posted on the website, the message was also sent through landlines, via text, and over email. Throughout Australia, tens of thousands of individual citizens use this service to get information from the government. All levels of the Australian government use EWN.
Right away after the attack, EWN understood that there was a breach in their security. They sent out a message and posted it on their Facebook page. It read:
“At around 930pm [A]EDT 5th January, the EWN Alerting system was illegally accessed with a nuisance message sent to a part of EWN’s database. EWN staff at the time were able to quickly identify the attack and shut off the system limiting the number of messages sent out. Unfortunately, a small proportion of our database received this alert.”
Contrary to what the original message from the hacker said, no one’s personal information was compromised. Only white page information could have been accessed, such as basic address information. Representatives from EWN also stated that some local, state, and federal government agencies were affected by the hack, but not all clients who subscribe with EWN were affected.
EWN was able to regain control of their services directly after the attack and are investigating the issue to prevent further breaches.
The Importance of Fortified IT Security in an Age of Rampant Cyber Hacking
It is common knowledge that the majority of businesses — no matter whether they are private, publicly funded, government related, or otherwise — are at risk of being hacked. Furthermore, hackers from around the globe are improving their techniques for accessing your private data and information.
This often begins with breaching the system by obtaining login credentials from individuals who already work or subscribe to a specific company, business, organization, or government agency. Naturally, this information is not given up willingly. Instead, it is obtained in a conniving and sneaky way so that the person giving up the login information doesn’t realize what they’re doing. Email phishing and phone call phishing are the top two ways that hackers obtain login information.
Chances are, your business organization is not completely safe from cyber hacks like the one that happened to EWN. Consider hiring an outsourced IT service provider who can improve your company’s security and prevent breaches from occurring.
by Felicien | Feb 1, 2019 | Education
On January 22, 2019, The U.S. Department of Homeland Security, DHS, Cybersecurity and Infrastructure Security Agency, CISA, issued an emergency directive. This emergency directive was put into place to address ongoing problems and issues associated with global Domain Name System, or DNS, infrastructure tampering. As a business owner or executive in charge of a business, you may have many questions about this and how it can affect your business. Here is what you need to know about DNS infrastructure tampering.
What is DNS Infrastructure Tampering?
DNS infrastructure tampering involves techniques that allows an attacker access to your DNS. They are able to compromise a users’ credentials, allowing them to make changes to DNS records. Once the records are changed and altered, it allows an attacker the ability to access and intercept many things related to the network, including but not limited to your web address, your mail traffic and web traffic. An attacker can take that information and redirect incoming traffic to an unsafe website that may contain viruses or may collect information about your customer or business. When the attacker accesses your DNS, they also have access to encryption certificates, which allows certain information to be decrypted. And unfortunately, since the certificate is valid, your users will receive no error warnings that the certificate is outdated, so they may feel safe putting in personal information.
How Can DNS Infrastructure Tampering Affect Your Business?
When an attacker tampers with your DNS infrastructure, they basically hi-jack your website. They can control incoming traffic, control where that traffic goes, and see personal information, such as names and credit card numbers. Unfortunately, if your page is hijacked, you have to tell your customers that their personal information may have been compromised, which reflects poorly on you. Your customers and clients expect you to keep your page safe for them, and if you fail to do so, it can be detrimental to your business.
How Can You Protect Your Business From DNS Infrastructure Tampering?
It can be difficult to determine if your DNS infrastructure has been tampered with unless you take the time to carefully review your DNS certificates. It is recommended that you take the time to audit your DNS records, change your DNS account passwords to more complex passwords and add multi-factor authentication to all of your DNS accounts. This should be done within 10 days, as the threat level for DNS infrastructure tampering is so high. This should also routinely be done in the future to ensure your DNS certificates have not been tampered with.
DNS infrastructure tampering can create a security threat to your business. It can negatively affect your business website, and any websites that those within your business frequently visit and interact with. Fortunately, there are steps you can take to help decrease the risk of DNS infrastructure tampering and protect your business. Having the right IT team in place and learning about security threats is imperative to keeping your business safe from threats at all times.
by Felicien | Jan 31, 2019 | Education
Adding a new name and email address to your list of Microsoft Outlook contacts is pretty simple. There are two different ways you can do it depending on whether you want to add the contact information from an email or just want to create a brand new contact.
How to Add a Contact From an Email
1. Right-click the name of the sender in the heading of the email from whom you want to add as a contact.
2. Select “Add to Outlook Contacts” from the drop-down menu.
3. After clicking, you will see a form which is partially filled in with information such as the person’s name, email address, phone number, job title, etc. Fill in any missing information or make any other changes you want.
4. When you are satisfied, click on “Save & Close” on the menu bar at the top of the screen.
How to Add a Completely New Contact
1. Find and select the person icon on the verticle menu bar on the left side of the window.
2. Click on the “New Contact” button on the top menu bar.
3. This will bring you to a completely blank form which will allow you to add the person’s name, email address, and other personal information including a photograph.
4. When you finish adding information, select “Save & Close” on the menu bar at the top of the screen.
That is it!
Now whenever you want to email the person you just added, you will only need to type in the first few letters and Microsoft Outlook will automatically suggest the contact. Remember that you can always change or add to the personal information for each of your contacts by selecting the person from your contact list.
by Felicien | Jan 31, 2019 | Education
What are the Proposed Changes to NC’s Data Breach Laws?
North Carolina’s lawmakers will consider legislation first introduced by the Attorney General Josh Stein and Representative Jason Saine. The proposed law would redefine the term “data breach” and give companies 30 days to report breaches to consumers.
For healthcare providers, this reduces the HIPAA timeframe, which states that breach notifications must go out within 60 days. According to the proposal, this gives consumers additional time to freeze their credit and take steps to prevent identity theft.
The law extends the definition of a breach to include ransomware attacks – a big change for healthcare providers, who have been targeted by recent hackers.
How Do the Proposed Changes Give Consumers Greater Control?
Consumers gain a number of protections, including the following.
Quicker notification. Receiving notification within 30 days, instead of 60, gives consumers a heads up so that they can take action to protect their credit and identity.
Credit freeze. Consumers can place a temporary freeze on their credit reports to prevent hackers and thieves from opening unauthorized credit cards in their name.
Credit monitoring. If a credit reporting company, such as Equifax, is breached, they have to provide four years of free credit reporting to impacted consumers. Other organizations that are breached have to provide two years of free credit reporting.
Clarifies penalties. Businesses that fail to report breaches within 30 days will be in violation of the Unfair and Deceptive Trade Practices Act.
What Does This Mean for Consumers?
The bill expands consumers’ right to information about the breached data, as follows.
Consent. A company seeking access to a person’s credit information would need that person to express their permission. The reason for the request has to be provided in writing.
Right to request information. North Carolinians can ask the consumer reporting agency to give them a list of credit-related and non-credit information, its source, and the entity or person that received it.
Why is the State Considering the New Rules?
North Carolina hosts the headquarters of many credit card companies and financial institutions and the legislation follows a dramatic rise in breaches throughout the state. According to Health IT Security, 1.9 million North Carolina residents were compromised in 1,047 breaches in 2018. This was a 3.4 percent increase over 2017.
This is the second attempt to tighten privacy laws in the state. If this bill passes, North Carolina would join several other states that have passed similar laws to combat digital thieves. For example, Colorado passed legislation to shorten their breach notification to 30 days in 2017, and Iowa is proposing a 45-day deadline to notify consumers.
Is This Just Happening in North Carolina?
On the national front, lobbyists and some Congress members are also calling for more protection for consumers whose data has been compromised. For instance, the Information Technology and Innovation Fund has suggested scrapping the hodge-podge of privacy regulations, such as HIPAA, in favor of more unified federal privacy laws.
by Felicien | Jan 31, 2019 | Education
Do you want to have the ability to stay on top of your emails from anywhere without the need to learn a new email system? Then enjoy the convenience of using your Microsoft Office 365 email and calendar directly on your smartphone. The Microsoft Outlook app is available for both iPhone and Android devices, it is free to use, and only takes a few minutes to get it up and running.
A Quick Guide to Installing the Outlook Office 365 Mobile App on an iPhone
The first step is to download Microsoft Outlook from the App Store. Be sure to search for and download the latest version of the “Microsoft Outlook – Email and Calendar” available from Microsoft Corporation.
Once the Microsoft Outlook app finishes downloading, open the app and select “Get Started” from the menu. Choose “Get Notifications” if you want to receive email alerts. Remember, you can always adjust your notification setting in the future.
To connect with your Microsoft Office 365 account, input your email address and click “Add Account.”
This will take you to a login screen with the email portion of the form already filled. Enter your email’s password and select “Sign in.”
If you want to add additional work or personal accounts, you now have the option. If you don’t want to add more accounts at this time, click on “Maybe Later.”
Go through the tutorial to learn how to use the app to write, read, and respond to emails or access your calendar. Now, whether you access your Microsoft Office 365 account using your phone or computer, everything will remain perfectly synched.
A Quick Guide to Installing the Outlook Office 365 Mobile App on an Android Phone
First, go to the Play Store and search for the latest version of Microsoft Outlook. Once you find it, click on “Install.”
When Microsoft Outlook finishes downloading, open it and choose “Get Started.”
Type in your Microsoft Office 365 email, and select “CONTINUE.”
Now you need to log in using your Microsoft Office 365 credentials. The email portion of the form is already complete, so just enter your password and select “Sign in.”
At this point, you can either add additional accounts by clicking on “CONTINUE,” or skip this step for now by tapping “SKIP.” You can easily add additional accounts in the future.
Learn how to use the app to write, read, and respond to emails or access your calendar by going through the short online tutorial. Now your Microsoft Office 365 account will remain synched whether you access it through your computer or smartphone.
Once you have on-the-go access to your Microsoft Office 365 email and calendar, you will find yourself being more productive no matter if you are in or out of the office.