Training Archives

Threat actors are determined to harvest as much sensitive data as possible, and the Housing Authority of the City of Los Angeles (HACLA) know all about this.

It’s been revealed that HACLA has recently been attacked by the Cactus ransomware gang. First emerging in early 2023, the Cactus group has gained a reputation for stealing confidential data. Around 260 organizations have been affected by Cactus’ activities in the last year and a half, with no sign of them slowing up. HACLA, unfortunately, has previous form for data breaches, with the LockBit ransomware group gaining access to their IT systems for nearly a full year in 2022.

To help you bolster your organization’s defenses, we’re going to explore the Cactus attack in closer detail.

Cactus Get Prickly with HACLA

With 32,000 public housing units falling under its administration, HACLA is a prime target for any threat actors hungry for personal data. Accordingly, Cactus have struck at the heart of HACLA to harvest significant amounts of data.

Understandably, in order to protect their defenses, HACLA have revealed very little about the attack. They acknowledge that, after becoming aware of suspicious activity, IT professionals were contacted to investigate a possible cyberattack. HACLA’s systems remain operational as of this writing, but they haven’t confirmed exactly what happened or whether any data was stolen.

Cactus, on the other hand, has been more forthcoming with details. Announcing that they’ve managed to steal 891 GB of files from HACLA’s network, Cactus has clearly carried out an audacious attack. The data stolen, as Cactus claims, is highly sensitive and includes personal client details, financial documents, database backups, and correspondence. To demonstrate that they’re not just showboating, Cactus has published screenshots of some of this stolen data. Alongside this, Cactus has also followed up their claims by uploading an archive containing some of the stolen data.

Shielding Your Business from Breach Risks

While it’s currently unclear whether HACLA’s systems or data has been encrypted by ransomware, it’s a very real possibility. Regardless of whether encryption has taken place, the 891 GB of stolen data is a seriously worrying amount of personal data to leak. Therefore, you need to be on your guard against such attacks by practicing the following:

Data Backup Strategy: To minimize the impact of ransomware, it’s always a good idea to carry out regular, automated backups of your data. As well as keeping these backups close to hand on site, it’s crucial that you also keep copies stored on secure, off-site locations such as in the cloud. The 3-2-1 backup method is an excellent strategy to employ in order to keep your data secure and retrievable.
Regular Software Updates: Many data breaches are the result of vulnerabilities being exploited within software. These vulnerabilities allow threat actors to gain a foothold with IT infrastructures and start implementing malware infections or stealing data. Consequently, to plug all of these security holes, you should automate all software updates to optimize the strength of your defenses.
Employee Training: Regular training of your employees, both at the induction stage and through refresher courses, provides your organization with its strongest form of defense. It just takes one wrong click by an employee to expose your entire network, so it’s vital that you can sharpen their cybersecurity skills to secure your IT infrastructure.

For more ways to secure and optimize your business technology, c ontact your local IT professionals.

Cybersecurity for Businesses in the Remote Work Era

device inventory, Employee Training, monitor devices, multi factor authentication, Ophtek, Public WiFi, remote work, secure toolsdevice inventory, monitor devices, multi-factor authentification, Ophtek, public wifi, remote work, secure tools, TrainingOphtek, LLC

Jun 2024

The impact of the Covid-19 can still be felt, with high numbers of employees continuing to work remotely. But how does this affect your cybersecurity?

The shift towards remote work was essential at the start of the pandemic, and it has now become a permanent aspect of many employees’ lives. However, while it represents a flexible approach to work, which helps achieve a healthy work/life balance, it also comes with challenges in terms of cybersecurity. With employees working from different locations and connecting to your IT infrastructure from different networks, it’s a complex scenario to manage.

Staying Secure in the Remote Work Era

It’s important your organization takes the necessary steps to strengthen their defenses when it comes to remote working practices. Many of these are simple and can be implemented easily. Therefore, you need to make sure you follow these best practices:

Avoid Public Wi-Fi: remote working allows your employees to work from anywhere, but this can open them and your servers up to significant risk. In particular, the risk of public Wi-Fi networks – such as those found in coffee shops and public places – should never be underestimated. With little protection in place, these Wi-Fi networks can easily be compromised and risk your organization’s data being harvested. Therefore, your remote employees should be discouraged from using these, instead using secure networks at home.
Use Multi-Factor Authentication: For remote workers, extra layers of security are everything when it comes to protecting your networks. And this is why multifactor authentication can be a real game-changer in terms of your security. Furthermore, biometric authentication such as Windows Hello allows your business to enhance its security and prevent unauthorized access.

Use Secure Collaboration Tools: You have to think a little differently when working with remote employees, especially when it comes to collaborating. It’s not as simple as having your entire team in the same room, so collaboration software is crucial. However, this needs to be secure. So, make sure you use secure collaboration tools such as Microsoft Teams, Slack, and Basecamp to ensure your communications remain encrypted and safe

Monitor Remote Devices: With your remote employees’ devices out of sight, they need to be monitored closely. Endpoint monitoring software allows you to track devices in real time and identify any unusual behaviors. Automatic alerts and notifications can be put in place to ensure you’re aware of any breaches immediately and allows you to take action to neutralize any threats.

Device Inventory: As many of your IT devices will now be located off-site, it’s vital you keep a device inventory to manage all of them. This allows you to know exactly what devices are accounted for within your business and where they’re currently located. By keeping a device inventory, you minimize the risk of, for example, laptops not receiving updates and becoming vulnerable to threat actors.

Employee Training: As ever, the most important aspect of cybersecurity for businesses involves employee training. Accordingly, your remote employees need specific training to make sure they understand the risks of remote work. Strong and unique passwords, for example, have never been more important, and being able to identify phishing attempts is equally crucial when an employee is unable to call on the immediate support of their colleagues.

For more ways to secure and optimize your business technology, contact your local IT professionals.

5 Easy Ways to Improve Your Organization’s Cybersecurity

Backup, cyber attacks, cybersecurity, Ophtek, secure WIFI, Training, two-factor authentication, VPNbackup, Cyber Attacks, Cybersecurity, Ophtek, secure WIFI, Training, two factor authentification, VPNOphtek, LLC

Oct 2023

With cyber-attacks showing no signs of slowing up, it’s more important than ever before to make sure your organization’s IT systems are protected.

Luckily, this doesn’t necessarily involve huge amounts of investment. In fact, some of the most effective ways to protect your IT infrastructure are the simplest. But not ever business realizes this, and this is why so many find themselves falling victim to cybercriminals. Therefore, it’s crucial that you start implementing the best solutions for protecting your organization.

How Do You Keep the Cybercriminals at Bay?

To help you get started with securing your defenses, we’ve put together 5 easy ways to improve your organization’s cybersecurity:

Two-factor authentication: passwords are an amazing method of protection, and this is why they have been used as a security measure for decades. However, a breached password is of little use when it comes to securing your IT systems. Therefore, implementing two-factor authentication should be a major priority. This extra layer of security involves a user receiving a unique code – via registered text or email – to confirm their identity after entering their login credentials. This means that, even if a password is stolen, there is a further security hurdle to overcome.

Training as a team: training sessions are essential when it comes to educating your staff on the dangers of malware and threat actors. However, one-to-one IT induction processes aren’t enough. You also need to develop programs which train your team as a whole. Studies have shown that group learning is more effective and this is exactly what you need when building your IT defenses.

Secure your networks with a VPN: one of the best ways to protect your organization’s data and internet connections is by using a virtual private network (VPN). A VPN establishes secure connections between remote employees and the organization’s network, maximizing data privacy and preventing data breaches. It does this by encrypting data transmissions, shielding sensitive information from hackers, and preventing unauthorized access. Combined with tunneling protocols and authentication mechanisms, a VPN will help you create a secure digital barrier.

Create backups: many cyberattacks, particularly ransomware campaigns, focus on stealing and restricting access to data. This is why backups should form a major part of your IT defenses. By creating multiple backups – see our guide to the 3-2-1 backup method – you are essentially creating a safety net for your business in the event of a data breach. While it may not mitigate every negative impact of a data breach – such as customer data being leaked – it will minimize the risks of data loss.

Secure your Wi-Fi network: there’s absolutely no need for your Wi-Fi network to be publicly visible. By advertising the presence of your Wi-Fi network, you are inviting threat actors to test your defenses. Therefore, you need to not only secure and encrypt your Wi-Fi network, but also hide it from public view. This can be achieved by instructing your router to never broadcast its network name, also known as the Service Set Identifier (SSID).

For more ways to secure and optimize your business technology, contact your local IT professionals.

Social Engineering Used to Hack into Camera Firm

Cyber Security, Employee Training, malware, Ophtek, Password Security, social engineeringmalware, Ophtek, passwords, security, social engineering, TrainingOphtek, LLC

Mar 2022

Social engineering is one of the modern menaces of online life, and this has been demonstrated by a recent malware attack on a Swedish camera firm.

Axis Communications, who manufacture network and security cameras, are the company at the centre of this recent attack. The organization announced that they had been the victims of what they described as an “IT-related intrusion” and advised that, as a result, they had temporarily closed their public-facing services online. Naturally, the attack caused great disruption to Axis; it also brought to light a number of shortfalls in cyber-security, namely the impact of social engineering.

What is Social Engineering?

Social engineering is a form of hacking which involves using various methods of deception to glean information from the victims. So, for example, an employee who receives an email, from what appears to the organization’s IT department but is from a fake email address, asking for confirmation of their login credentials is a form of social engineering. And these incidents of social engineering don’t have to take place online, simply telling someone your mother’s maiden name – a popular choice for password recovery questions – is another example.

This image has an empty alt attribute; its file name is bus-cyber-attack2-lrg-960x480.jpg

How The Axis Attack Happened

The exact details of the Axis attack are yet to be released as the company are conducting a forensic investigation intoexactly what happened. Nonetheless, they have revealed the following details:

Several methods of social engineering were used in order to gain access to the Axis network, these were successful despite the presence of security procedures such as multi-factor authentication.
Advanced hacking techniques were used by the hackers – once they had breached the network – to enhance their credentials and gain high-level access to restricted areas.
Internal directory services were compromised by this unauthorized access.
While no ransomware was detected, there was evidence that malware had been downloaded to the Axis network.

Following concerns of suspicious network activity, and the employment of IT security experts, all external connectivity to the Axis network was closed down.

How to Protect Yourself from Social Engineering

It can be difficult to tackle the highly polished social engineering methods employed by hackers, but following the practices below can make a real difference:

Always Think: slowing down and assessing the situation is crucial when it comes to social engineering. If someone has asked you for sensitive information, such as password details, ask yourself why the need this and what could they do with it? Internal sources – such as managers and IT departments – will never ask for this, so guard your password carefully and, to clarify the situation, speak face-to face with the person who has apparently asked for it.

Regular Staff Training: it’s important that your staff understand the tell-tale signs of social engineering, so make sure that you arrange regular training/refresher courses to keep their knowledge up to date. After all, social engineering is all about the deception, and identifying this can be difficult. But, with the correct knowledge, your staff should be able to protect themselves and your organization.

For more ways to secure and optimize your business technology, contact your local IT professionals.

British Snacks in Short Supply Due to Ransomware Attack

anti malware, Backup Strategies, Employee Training, Ophtek, PC Security, PC Training, Ransomwareanti-malware, backup, Ophtek, PC Security, rensomware, TrainingOphtek, LLC

Feb 2022

British shoppers have been warned to expect some of their favorite snacks to be in short supply following a ransomware attack on a major manufacturer.

KP Snacks has been producing snacks in Britain since the 1850s, but this production has recently run into a major obstacle: ransomware. Cyber criminals have successfully launched a ransomware attack on KP Snacks, and its effects are running deep. Due to the impact of the ransomware on their IT infrastructures, KP Snacks has had to advise stores that delays in production are expected. As a result, British shoppers are likely to be facing empty shelves when they head out to pick up their favorite snacks.

Snack food may not be crucial to society, but the impacts of this hack demonstrate why organizations need to remain vigilant.

The Story Behind the Snack Attack

Following an unexplained outage of their IT systems, KP Snacks investigated and discovered that they had fallen victim to a strain of ransomware. The exact details of the ransomware in question has not, as of yet, been disclosed. However, rumors are circulating that the attack was launched by the WizardSpider group, a gang of hackers who attacked the Irish health service in 2021. It’s alleged, according to leaked sources, that KP Snacks was given five days to pay a ransom fee, but clarification on this is lacking.

The response of KP Snacks has been to launch a defensive strike against the attack. Being a major organization, the snack makers had a cybersecurity response plan which was quickly put into action. Third-party security experts have also been drafted in to complete a forensic analysis of the firm’s IT infrastructure. Nonetheless, the disruption to productivity has hit KP Snacks hard. As well as their IT systems being compromised, their communications systems have been hit equally hard. In modern business, these two elements are essential for operating and, as a result, supply shortages are expected.

Protecting Yourself Against Ransomware

While a shortage of snacks may sound like a mild inconvenience, this is only the tip of the iceberg. Not only is there a financial risk for KP Snacks, but the company’s employees can also expect financial ramifications e.g. delayed payments due to compromised IT systems and even the threat of redundancy. Naturally, this is a situation that no organization wants to find itself in, so make sure you always follow this advice:

Always Backup: the main impact of ransomware is that it encrypts files before demanding a ransom fee to decrypt them. However, you can minimize the impact of this effect by ensuring you have a strong backup strategy in place. This will provide you with access to your data and provide you with business continuity.

User Training: ransomware can be activated in a number of different ways such as infected emails, malicious links and running outdated software. Thankfully, shutting these attack routes down is relatively easy with the correct training. Therefore, regular staff training is vital when it comes to securing your IT defenses.

Install Anti-Malware Tools: it’s almost impossible to detect every single threat in the digital wild, but anti-malware tools will protect you from most of them. Installing anti-malware tools is simple and instantly provides an enhanced level of protection against ransomware.

For more ways to secure and optimize your business technology, contact your local IT professionals.

1 2 Next »

Tag Archives: Training