Two Canadian Banks Report Cyber Attacks Over the Weekend

Two of Canada’s largest banks have reported that cyber thieves may have stolen the financial information for over 90,000 of their customers. The thieves sent a message to the two banks over the weekend stating they had successfully stolen customer data and banking records for thousands of their customers. This caused an immediate reaction by both banks.

The Simplii Financial Breach
One of the banks, Simplii Financial, a subsidiary of the Canadian Imperial Bank of Commerce (CIBC), issued a statement that read in part:
“Simplii Financial is advising clients that it has implemented additional online security measures in response to a claim received on Sunday, May 27, 2018, that fraudsters may have electronically accessed certain personal and account information for approximately 40,000 of Simplii’s clients.”
The financial institution began its investigation immediately upon learning of the breach. They sent letters out to customers informing them of the breach, stating they had implemented stronger fraud monitoring and detection, among other security measures.
In part of the statement that Simplii sent to their customers, they reassured them that Simplii would provide full reimbursements to anyone who had lost money due to this hack. They also stated that they were actively working with law enforcement and cybersecurity experts to contain the damages.
Simplii Financial said the breach had only affected a limited number of individuals. They believe that around 40,000 accounts were breached by cyber thieves. At this time, they are not certain of exactly what information was stolen and which accounts were affected.
The Bank of Montreal Breach
The Bank of Montreal (BMO) was also affected by the data breach and officials at BMO stated that they believed the financial and personal information for approximately 50,000 customers could have been compromised due to a cyber breach.
Both banks issued strong statements to their customers saying that they were on top of the situation and taking stringent measures to shut down the fraud and protect their other clients from cyber theft. They also reminded customers to change their passwords and PINs. They recommended using complex passwords and stated that easy-to-guess PINs like 12345 should be avoided, as these are easy targets for cyber thieves. The banks also recommended that their customers watch their accounts for any signs of unusual activity and report it at once to banking officials.
The Breaches Originated Outside Canada
Simplii Financial and the Bank of Montreal both said they had been contacted by “fraudsters” who said they were in possession of personal and financial information belonging to their customers.
Authorities are not certain which hacking group is responsible for the attacks but they stated that they were fairly certain the attacks originated from outside of Canada.
A spokesman for BMO said, “They appear to be related,” referring to the two attacks and also that the hacker’s claims were as yet “unverified.” In an email statement, the spokesman also said, “We are working with the relevant authorities and are conducting a thorough investigation.”
BMO officials said they believe that the attacks and exposure to customer data had been shut down and that no further data leaks would occur. Both financial institutions sent letters to their customers reassuring them that every step would be taken to find and prosecute the fraudsters.
The Royal Canadian Mounted Police is working with all Canadian law enforcement agencies to help the two banks conduct their investigations. They do not believe that any other Canadian banks were affected.

FBI Issues Cyber Security Warning

Russian Hackers Target Routers in 50 Countries Worldwide

In a day and age when everyone is being super careful not to click on suspicious links, there’s a new threat lurking. Just about every home and office has a router. It’s an inconspicuous piece of equipment that most of us rarely think about. And now, a new alert issued by the FBI says that Russian hackers have targeted routers in 50 countries around the world.
Just last week, the FBI issued a warning stating that a malware botnet known as VPNFilter was responsible for taking over millions of routers worldwide. The affected routers are thought to be primarily consumer-grade routers purchased at Best Buy and other retail and online electronic stores. The authorities also believe that routers provided by internet service providers such as Frontier Communications, Spectrum, and Charter have been affected. Commercial grade routers found in many businesses are also at risk.
Why the router?
Routers are rarely updated. Unlike the makers of smartphone or computer operating systems, most router manufacturers do not send out regular updates for their products. Last January, a complaint was filed against router manufacturer D-Link. In the complaint, the FTC said that the manufacturer was leaving its users at risk by not installing adequate security measures. Their failure to do so had left many consumers open to attacks from hackers.
Experts are now saying that there’s no incentive for router manufacturers to release regular updates to their products that could stave off attacks. Up to now, these manufacturers have not been held liable and when there’s no liability, manufacturers will often take cost-saving shortcuts.
How hackers are getting in
Using the VPNFilter malware, cybercriminals are able to collect user data. Once the hacker has control of the router, they can use it to eavesdrop on consumers. This weakness also allows hackers a doorway to all home computers, TVs, smartphones, or anything connected via the router.
The FBI recently discovered one website that hackers had set up to use in their attack. This website was designed to give instructions to the routers that had been taken over. Though shutting this site down did cut off one avenue of attack, the FBI warned that millions of routers were still infected. This leaves millions of consumers around the world vulnerable and most users will not even realize they’ve been hacked.
Who is responsible for the hacks?
The Justice Department said the hacking group referred to itself as “Sofacy” and that they answered to the Russian government. The hacking group also goes by the names Fancy Bear and APT28 and they have been involved in attacks on some very high-profile targets over the last few years. This group was blamed for the hacks carried out during the 2016 presidential campaign that targeted the Democratic National Convention.
Cisco Systems Inc. performed its own investigation and found that the targeted routers include Netgear, Belkin’s Linksys, QNAP, MikroTik, and TP-Link. There may be others involved as well and most were purchased by consumers at local electronics stores and online. Cisco shared the results of their investigation with the Ukrainian government and the U.S. The FBI said that they believe some of the affected routers were also provided by internet service companies.
What routers have been infected?
Authorities have put together a list of the known affected routers, but recommend that everyone take the precaution of rebooting the router and changing the password as soon as possible. The known affected routers include:

Linksys (Models E1200, E2500 & WRVS4400N)
Netgear (Models DGN2200, R6400, R7000, R8000, WNR1000 & WNR2000)
Mikrotik Cloud Core Routers (versions 1016, 1036 & 1072)
TP-Link R600VPN
QNAP NAS devices running QTS software
QNAP (Models TS251 & TS439 Pro)

New types of warfare between Russia and the Ukraine
Russia has long been involved in attacks against the Ukraine and Ukrainian companies due to ongoing hostilities between the two countries. In the past, these attacks have cost millions of dollars and exposed the personal, confidential information of both businesses and individuals. At least one attack was responsible for an electricity blackout in the Ukraine.
The Ukrainian government recently stated that the Russian government was planning a cyber-attack against some privately held companies, along with Ukrainian state bodies. They believe these attacks were meant to disrupt the Champions League soccer finals which were being held in Kyiv.
What to do next
Experts are recommending that everyone using a router shut it down and reboot it. They also recommend disabling remote manager settings. If at all possible, upgrade the router to the latest firmware and change your password.
Managed IT providers are recommending commercial-grade firewalls and routers for business owners, who have quite a bit more to lose than the average consumer. They have stated that commercial-grade firewalls and routers offer powerful firewall technologies, and some include a wireless access point that offers stronger protection for the home or office.
Consumer-grade routers used by the average individual are most at risk. Businesses who have remote employees working from home often forget that these workers present a weak area that hackers can take advantage of. Most individuals have never upgraded their router’s firmware or changed the original password that came with the router. IT experts believe that hackers will eventually exploit all weaknesses like this.
An ongoing risk
The FBI warned, “The size and scope of the infrastructure by VPNFilter malware is significant.”
Their experts said that hackers could render the routers affected completely inoperable if they wanted to, but that wasn’t their primary goal. Instead, they were planning to steal data off the computers, phones, and other connected devices by taking over the routers that controlled internet access. The FBI stated that the malware would be very hard to detect even by professionals because of encryption and other tactics used by the hacking group.
In addition to rebooting routers and changing passwords, experts recommend contacting your internet service provider for possible firmware updates or other guidance.

FBI Issues Warning

As you may be aware, the FBI issued a warning last week about a malware botnet called VPNFilter. This malware originated in Russia and attacks “consumer-grade” routers typically purchased from retailers such as Best Buy and/or installed in homes by Internet Service Providers such as Spectrum, Time Warner, and Charter.

The malware has not been found to infect commercial grade routers typically installed in your business, such as those from Cisco, Fortinet, SonicWALL or others. If you or any of your staff has one of the following routers installed at home, we recommend the Internet Service Provider be contacted for guidance.
At a minimum, the router should be rebooted – and the router password should be changed to one with a fair amount of complexity. (ISP technicians have a reputation for often not changing the simple “factory default” password when they install a router.) In some cases, a router firmware upgrade may be required.
The affected routers identified so far are:

Linksys (Models E1200, E2500 & WRVS4400N)
Mikrotik Cloud Core Routers (versions 1016, 1036 & 1072)
Netgear (Models DGN2200, R6400, R7000, R8000, WNR1000 & WNR2000)
QNAP (Models TS251 & TS439 Pro)
QNAP NAS devices running QTS software
TP-Link R600VPN

While we are unable to manage the consumer-grade routers targeted in this attack, we can offer you a powerful network security appliance (router/firewall/wireless access point) that can provide commercial-grade protection at your home or office.
If you have teleworkers or executives who access your network by working from home, you should be concerned about business risks created by consumer-grade routers. A relatively inexpensive corporate or business-grade firewall is likely an appropriate solution. Please let us know if you would like more information.

Russian Hackers Target Routers in 50 Countries

In a day and age when everyone is being super careful not to click on suspicious links, there’s a new threat lurking. Just about every home and office has a router. It’s an inconspicuous piece of equipment that most of us rarely think about. And now, a new alert issued by the FBI says that Russian hackers have targeted routers in 50 countries around the world.

Why the router?
Routers are rarely updated. Unlike the makers of smartphone or computer operating systems, most router manufacturers do not send out regular updates for their products. Last January, a complaint was filed against router manufacturer D-Link. In the complaint, the FTC said that the manufacturer was leaving its users at risk by not installing adequate security measures. Their failure to do so had left many consumers open to attacks from hackers.
Experts are now saying that there’s no incentive for router manufacturers to release regular updates to their products that could stave off attacks. Up to now, these manufacturers have not been held liable and when there’s no liability, manufacturers will often take cost-saving shortcuts.
How hackers are getting in
Using the VPNFilter malware, cybercriminals are able to collect user data. Once the hacker has control of the router, they can use it to eavesdrop on consumers. This weakness also allows hackers a doorway to all home computers, TVs or anything connected via the router.
The FBI recently discovered one website that hackers had set up to use in their attack. This website was designed to give instructions to the routers that had been taken over. Though shutting this site down did cut off one avenue of attack, the FBI warned that millions of routers were still infected. This leaves millions of consumers around the world vulnerable and most users will not even realize they’ve been hacked.
Who is responsible for the hacks?
The Justice Department said the hacking group referred to itself as “Sofacy” and that they answered to the Russian government. The hacking group also goes by the names Fancy Bear and APT28 and they have been involved in attacks on some very high-profile targets over the last few years. This group was blamed for the hacks carried out during the 2016 presidential campaign that targeted the Democratic National Convention.
Cisco Systems Inc. performed its own investigation and found that the targeted routers include Netgear, Belkin’s Linksys, QNAP, MikroTik, and TP-Link. There may be others involved as well and most were purchased by consumers at local electronics stores and online. Cisco shared the results of their investigation with the Ukrainian government and the U.S. The FBI said that they believe some of the affected routers were also provided by internet service companies.
New types of warfare between Russia and Ukraine
Russia has long been involved in attacks against Ukrainian companies due to ongoing hostilities between the two countries. In the past, these attacks have cost millions of dollars and exposed the personal, confidential information of both businesses and individuals. At least one attack was responsible for an electricity blackout in Ukraine.
The Ukrainian government recently stated that the Russian government was planning a cyber-attack against some privately held companies, along with Ukrainian state bodies. They believe these attacks were meant to disrupt the Champions League soccer finals which were being held in Kyiv.
What to do next
Experts are recommending that everyone using a router shut it down and reboot it. They also recommend disabling remote manager settings. If at all possible, upgrade the router to the latest firmware and change your password.
The FBI warned, “The size and scope of the infrastructure by VPNFilter malware is significant.”
Their experts said that hackers could render the routers affected completely inoperable if they wanted to, but that wasn’t their primary goal. Instead, they were planning to steal data off the computers, phones, and other connected devices by taking over the routers that controlled internet access. The FBI stated that the malware would be very hard to detect even by professionals because of encryption and other tactics used by the hacking group.

Has Your Dallas Tech Company Told You To Buy Something But Never Helped You Set It Up?

It’s the same old story time and time again… your Dallas IT support provider tells you what to buy, then leaves you holding the bag. NCT Net, on the other hand, is here to help you – every step of the way.

Don’t be embarrassed, it’s happened to everyone.
There was a new client I worked with just last year. They came to me with a problem I’ve encountered over and over.
They said, “My last IT company said I needed to buy this, but they never really helped me set it up or get it working right. It’s just been a waste of money.”
It doesn’t really matter what the technology is. Sometimes it’s a new firewall, sometimes it’s a Wi-Fi router. That’s not what’s important.
How Other Tech Companies Keep Failing You
Dallas IT companies like the one this client had to deal with make two huge mistakes when they do something like this:
They assume that the right technology is all that’s needed.
It’s a hallmark of bad IT support. You go to your Dallas IT support provider with a problem, they take a cursory, Tier-1 glance at it, and decide that the solution is just to throw money at it. Your money, not theirs.
There are a few things wrong with this scenario:

You have to go to them. The right partner in IT doesn’t wait for you to come to them with problems – they assess your business, identify your obstacles, monitor your systems, and do everything they can to be proactive about support. They notice issues before you do, and eliminate them before they affect your work.
The solution is more money. While it may eventually be the solution, more often than not, a bad Dallas IT support provider is just going to tell you to spend money. New hardware, software, or something else.
It’s like when you call tech support for your cable box at home. An engaged and capable technician will try a few options before deciding to roll a truck and incur further costs to you or the company they represent. Lazy technicians go right to rolling a truck and getting you off the line.

We’re not like lazy phone support technicians or other Dallas tech companies for that matter – NCT Net is proud to offer Proactive Managed IT Services that follow a proven process that identifies our many clients’ needs, matches them to effective solutions, and keeps their costs as low as possible.
They don’t help you set up the technology.
It seems like a no-brainer, but let me tell you, it’s extremely common for clients to be left fending for themselves when it comes to installation, configuration, and deployment of their new tech.
The reality – setting up your technology isn’t your job. It’d be like hiring someone to furnish your home, but instead, you’re left trying to interpret the IKEA instruction manuals for hours.
In the case where an investment in some kind of new technology really is necessary, we don’t ask you to front the bill and then leave you to figure it out on your own. Our team of expert engineers is available to help in person or over the phone as need be to ensure your new technology is properly installed, configured and deployed.
That way, you get the best possible ROI on your investment – both in our services and the new technology.
Dallas IT Consulting With Your Needs In Mind
With each step your Dallas business takes in becoming a more developed and profitable operation, you need to be sure that your IT systems can support its growth. Arranging one-off consultations with other Dallas IT companies is inconvenient and expensive, but without the right knowledge, your technology may fail to meet the requirements of the next stage of your business.
NCT Net is available to consult on every big decision that involves technology. Proper planning not only helps you to avoid technological missteps that can often result in IT issues, but it also adds further value to your company as it develops effectively.
With your specifics in mind, our team helps you to develop long-term IT plans that take into account important factors like your budget, projections, customer and employee needs and business goals. Ongoing assessments of your IT infrastructure will help to identify any risks or opportunities that should be accounted for as your company expands.
In a nutshell? Our Dallas IT Consulting services offer business and technology expertise that helps your company plan effectively for the future.
Just because you run a business that needs IT, that doesn’t mean you have to be an IT expert. Let NCT Net take the stress out of business technology by providing invaluable IT advice on each and every business decision you deal with.
For more information about our Proactive Managed Services and IT Consulting Services in Dallas, get in touch with NCT Net at (214) 544-3982 or support@nctnet.net.