Centrend

Cybersecurity

Recent Cyber-Attacks Highlight The Urgency Of Strong Cybersecurity For All Businesses

If the software your organization used to close deals and pay employees unexpectedly went down and you had no idea when it would be fixed, what would you do? Could you continue doing business? How much money would you lose? Unfortunately, in June, this happened to over 15,000 US- and Canada-based car dealerships when two cyber-attacks occurred on the popular industry software provider, CDK Global. This software attack shut down the sales, financing and payroll systems for thousands of dealers, forcing them to either stop business or revert to the old-fashioned pen-and-paper method. This incident should be a wake-up call for all small business owners, highlighting the importance of robust cybersecurity measures. What Happened? The initial attack occurred on the evening of Tuesday, June 18. Once it was detected, CDK Global immediately took the correct action, bringing the entire system offline to investigate the issue. The system was up and running again the following day until a second incident occurred, which resulted in the company bringing the system back offline. It’s thought the system was brought back online prematurely, before all compromised areas were discovered, resulting in a second attack. Cybersecurity experts are saying it could be weeks before the system is back to being fully operational. While some businesses were able to revert to manual processes, this incident highlights the vulnerabilities that come with relying on digital systems. In our ever-advancing digital world, where most transactions are a couple of clicks away, significant issues arise when systems go offline. Critical parts of the business process, such as completing transactions, managing payroll and interacting with financial institutions, can come to a standstill. This means that until the systems are back online, many business operations cannot be fully completed, leading to delays and potential financial losses. Business owners know that there is no sale until the check clears the bank! So, What’s Next? CDK Global didn’t disclose the exact cause of the attack. Whether that was intentional or they are still unsure remains to be seen. Their security team will need to meticulously comb over every area of the business to determine exactly what was compromised. It’s often difficult for large companies to get the details about cyber-attacks 100% correct after the first review because they may not be able to determine the extent of an attack’s network penetration if there are multiple points of vulnerability. In the meantime, businesses need to take a hard look at their systems for selling and operational continuity. Will they be prepared to continue doing business if and when this happens again? This incident should serve as a wake-up call for all business leaders. If you don’t have a business recovery and continuity plan in place, you’re putting yourself at risk. And if you do, you need to ask yourself if it is high-quality, tested often and able to handle a large-scale attack where multiple operational systems are disabled. If the answer is no, it’s time to do something about it. We’ll do a FREE Security Risk Assessment that will achieve two important things: To get started, call our office at 774-241-8600 or click here to book your FREE Security Risk Assessment now.

Recent Cyber-Attacks Highlight The Urgency Of Strong Cybersecurity For All Businesses Read More »

Dangers Of LinkedIn: 4 SecurityFeatures To Use TODAY

A recent report from Check Point Research revealed a shocking statistic – the Microsoft-owned business platform LinkedIn is impersonated in nearly half of all phishing attacks globally. One of the ways scammers leverage LinkedIn to deploy their phishing attack is when they zero in on anyone seeking a new job or career change. While e-mails like “You have 1 new invitation” or “Your profile has been viewed by 63 people” can be authentic, it’s critical to verify the e-mail address it’s sent from to ensure that it’s genuinely from LinkedIn. These impersonators will send e-mails that look identical to the real ones, with links to fake LinkedIn pages that will rip off your information as soon as you enter it. Another way cybercriminals leverage LinkedIn is by creating fake profiles and messaging people about job opportunities. Once you’re on the hook, they’ll either ask for a small payment upfrontto process your application (that you’ll never see again) or send you a link to a form you must fill out that’s actually a phishing link in disguise. LinkedIn is aware of the problem and is working on developing advanced security features to protect its users. Here are three of the current security features it has already deployed:

Dangers Of LinkedIn: 4 SecurityFeatures To Use TODAY Read More »

The Microsoft Outage: A Wake-Up Call for Incident Response Planning

The recent global outage of Microsoft services, caused by a faulty software update from CrowdStrike, served as a stark reminder of how vulnerable even the largest tech giants can be to unexpected disruptions. Airlines, businesses, and countless individuals relying on Microsoft’s vast ecosystem felt the ripple effects, highlighting the interconnected nature of our digital world. The Importance of Incident Response Plans While the outage is mostly resolved, the incident underscored the critical need for comprehensive incident response plans. These plans, often overlooked or underestimated, provide a roadmap for organizations to navigate crises efficiently and minimize downtime. A well-structured incident response plan includes: Small and Medium Businesses (SMBs) at Risk If a tech giant like Microsoft can be disrupted, the potential consequences for small and medium businesses (SMBs) are even more significant. SMBs often lack the resources and infrastructure to recover quickly from outages, making them more vulnerable to financial losses and reputational damage. Developing a comprehensive incident response plan is not a luxury for SMBs; it’s a necessity. By investing in preparedness, SMBs can: Moving Forward The Microsoft outage serves as a valuable lesson for all organizations. By developing and regularly updating incident response plans, businesses of all sizes can mitigate the impact of future disruptions and ensure their continued success in an increasingly interconnected digital landscape. Key Takeaways: Let’s not wait for the next outage to take action. Let’s make incident response planning a top priority today.

The Microsoft Outage: A Wake-Up Call for Incident Response Planning Read More »

Massive Layoffs In 2024 Create A Serious Threat To Your Cybersecurity

The massive wave of layoffs in 2024 brings a cybersecurity threat that most business owners aren’t focusing on – offboarding employees. Even big-time brands that you would expect to have top-of-the-line cybersecurity systems, processes and procedures in place fail to adequately protect themselves from insider threats. This August marks a year since two disgruntled Tesla employees went rogue after being let go and exposed the personal information – including names, addresses, phone numbers and even the Social Security numbers – of over 75,000 people, including employees. And, of course, the issue is expected to get worse. According to NerdWallet, as of May 24, 2024, 298 US-based tech companies have laid off 84,600 workers and counting. This includes major layoffs at big companies like Amazon, Google and Microsoft, as well as smaller tech start-ups. In total, around 257,254 jobs were eliminated in the first quarter of 2024 alone. Whether or not you’ll need to downsize your team this year, having a proper offboarding process in place is essential to every business, big or small, because it’s more than a routine administrative task – it’s a critical security precaution. Failing to revoke access for former employees can lead to serious business and legal implications later. Some of those issues include: A study by Osterman Research revealed that 69% of businesses experience data loss due to employee turnover, and 87% of employees who leave take data with them. Most often, the information you worked hard to gather is sold to competitors, used by them when they’re hired by the competition or used by the former employee to BECOME a competitor. Any way you cut it, it screws YOU. Do you have an airtight offboarding process to curb these risks? Chances are you don’t. A 2024 study by Wing revealed that one out of five organizations has indications that some of their former users were not properly offboarded, and those are the people who were astute enough to detect it. How DO you properly offboard an employee? These are only a few ways your IT team can help improve your offboarding process to make it more efficient and secure. Insider threats can be devastating, and if you think this can’t happen to you, think again. You have to be proactive in protecting your organization. To find out if any gaps in your offboarding process expose you to theft or a data breach, our team will do a free, in-depth risk assessment to help you resolve it. Call us at 774-241-8600 or click here to book now.

Massive Layoffs In 2024 Create A Serious Threat To Your Cybersecurity Read More »

“Savings” That Could Cost You EVERYTHING

As a business leader, you’re always looking for ways to increase revenue, cut expenses and grow your bottom line. Implementing AI tools, shopping services and running a more efficient operation are great ways to do that. One place you do NOT want to cut corners is using free antivirus or firewall software. In today’s blog, we’ll share why these seemingly helpful software solutions are a detriment to your business and why a 10-minute call with our team might just be the best investment you’ll make this year. Free software often lacks necessary features and is limited in what it can detect. Free antivirus software and firewall solutions can protect your business against some known viruses but not all of them, and they likely won’t have the ability to protect you against other comprehensive threats, like malicious files, unknown or unidentified threats and more. Cybercriminals are constantly rolling out new and “improved” viruses to trick even the most robust security solutions, which makes it difficult to believe that free, infrequently updated antivirus solutions could offer the level of protection needed to keep you secure. There’s no such thing as a free lunch. While free cybersecurity solutions sound like a good way to save a few bucks, you have to stop and realize these programs will make their money somewhere. The most common ways they make money are through ads, sponsored recommendations and collecting and selling user data. They collect and sell your personal information, like age and gender, and installed apps, to third-party advertisers. Some free solutions are already infected with malware. Ironically, these free cybersecurity tools can come with malware already installed to infect your computer upon downloading them. It’s also difficult to determine the difference between real free software solutions and fake ones created by hackers looking to trick unsuspecting business owners who hope to save a buck into downloading an infected version that immediately opens up your network to them. Free antivirus software is mostly reactive, detecting infections after they’ve happened. The point of having cybersecurity solutions is to try to prevent a data breach from occurring in the first place. Most free solutions are reactive and won’t keep unwanted intruders out; they simply alert you when one has already breached your network. If you’re going with a free solution, make sure you have a robust recovery plan in place. You’ll likely need it. Cybersecurity solutions are not as expensive as most business owners think and are more cost-effective than dealing with a data breach. If you have been using free antivirus or firewall software in your organization, it’s time to level up. Our cybersecurity experts will provide you with a FREE Security Risk Assessment that will detail if and where you’re vulnerable and what to do about it. Schedule yours by clicking here or calling us at 774-241-8600.

“Savings” That Could Cost You EVERYTHING Read More »

The Silent Danger: A Powerful Lesson For Every Business From This $1.6 Billion Ransomware Attack

In recent months, the alarming cybersecurity breach at Change Healthcare, the health care payment-processing company under the health care giant UnitedHealth Group, has thrown a spotlight on a chilling reality: cyberthreats can lurk undetected within our networks, ready to unleash chaos at a moment’s notice. The breach, executed by the notorious ALPHV/BlackCat hacker group, involved the group lying dormant within the company’s environment for nine days before activating a crippling ransomware attack. This incident, which severely impacted the US health care system, a network with a large budget for cybersecurity, underscores an urgent message for all business leaders: a robust cybersecurity system and recovery plan are not optional but a fundamental necessity for every business out there. The attack began with hackers using leaked credentials to access a key application that was shockingly left without the safeguard of multifactor authentication. Once inside, the hackers stole data, locked it down, and then demanded a hefty ransom. This action stalled nationwide health care payment-processing systems, for thousands of pharmacies and hospitals causing them to grind to a halt! Then things got even worse! The personal health information and personal information of potentially millions of Americans was also stolen. The hackers set up an exit scam, demanding a second ransom to not release this information. This breach required a temporary shutdown, disconnecting entire systems from the Internet, a massive overhaul of the IT infrastructure and significant financial losses estimated to potentially reach $1.6 billion by year’s end. Replacing laptops, rotating credentials and rebuilding the data center network were only a few of the actions the UnitedHealth Group had to take. More than financial, the cost was deeply human – impacting health care services and risking personal data. While devastating, it’s a powerful reminder that threats can dwell in silence within our networks, waiting for an opportune moment to strike. It is not enough to react; proactive measures are essential. Ensuring systems are secured, implementing multifactor authentication, regularly updating and patching software and having a recovery plan in place in the event of an attack are steps that can no longer be overlooked and are basic requirements for doing business in today’s world. Also, the idea that “We’re too small to be a target” is false. Just because you’re not big enough to make national news, doesn’t mean you’re too small to be attacked! Cybersecurity isn’t just an IT issue; it’s a cornerstone of modern business strategy. It requires investment, training and a culture of security awareness throughout the organization. The fallout from a breach reaches far beyond the immediately affected systems. It can erode customer trust, disrupt services and lead to severe financial and reputational damage, and your business, will be the one blamed. As we consider the lessons from the Change Healthcare incident, it’s your duty to make cybersecurity a top priority. Investing in comprehensive cybersecurity measures isn’t just a precaution – it’s a fundamental responsibility to our customers, our stakeholders and our future. Remember, in the realm of cyberthreats, what you can’t see can hurt you – and preparation is your most powerful defense. Is YOUR organization secure? If you’re not sure, or just want a second opinion, our cybersecurity experts will provide you with a FREE Security Risk Assessment that will detail if and where you’re vulnerable and what to do about it. Schedule yours by clicking here or calling us at 774-241-8600.

The Silent Danger: A Powerful Lesson For Every Business From This $1.6 Billion Ransomware Attack Read More »

AT&T Attack Reveals 73 Million Customer Records Exposed On The Dark Web

In a statement released by the largest telecommunications company in the United States, AT&T, they shared that they recently discovered a dataset for sale on the “dark web” that contained information for about 7.6 million current AT&T account holders and 65.4 million former users, totaling approximately 73 million affected accounts. AT&T shared that the data released contained passcodes (PIN numbers) and Social Security numbers from 2019 or earlier and did not contain any other personal financial information or call history but could possibly include e-mail and mailing addresses, phone numbers and birthdates. AT&T has reached out to all customers via e-mail or mail to let them know of the breach and to reset their passcodes. If you’re an AT&T customer, it’s important to be highly critical of any e-mail asking you to change your password. Please make sure it is from AT&T, as it’s suspected other cybercriminals will attempt to capitalize on this issue and send out fake e-mails with malicious links, hoping someone will click on them. If you’re concerned it’s a fake e-mail, call AT&T support and ask them to send another reset link while you’re on the phone. As for the cause of the breach, it’s still unknown whether the data breach originated from AT&T or one of its vendors, but AT&T has launched an investigation and will likely hire computer forensics specialists to find the cause of the incident. The organization will also have to scrub any installed malware out of the software that runs its customer account system without disrupting unaffected customers’ service. Between the investigation, cleaning up the issues, lawsuits, legal fees and more, this will be an expensive issue to solve. That’s why at [Company Name], we talk about being proactive with cybersecurity so often. While no solution is 100% impenetrable, most are strong enough to keep the majority of hackers out. It is way more costly to deal with the effects of a cyber-attack than it is to prevent one in the first place. If you’re concerned about the safety of your organization, request a FREE Security Assessment from our team of cybersecurity experts. We’ll analyze your network so you can see if there are exposed entry points in your network that hackers could use to break in. We’ll also advise on how to work with third-party vendors to ensure your and your customers’ data is as secure as possible. Hackers will do whatever it takes to break into your network. Your job as the CEO is to do whatever it takes to keep them out. We are here to help! Click here to book your Security Risk Assessment with one of our cybersecurity experts, or call our office at 774-241-8600.

AT&T Attack Reveals 73 Million Customer Records Exposed On The Dark Web Read More »

The Safest Way To Shop For Mother’s Day Online

Are you planning on buying gifts for the special women in your life for Mother’s Day? If you shop online, there are a few ways to do it SAFELY. During the holidays, cybercriminals ramp up various scams to capitalize on innocent people looking for gifts online. These scams range from fake offers to sham giveaways, all with the goal of stealing your money and information. Times and technology have changed drastically in just the last year, meaning what kept you safe before is no longer enough. In today’s article, we’ll share the best way to pay for your online purchases, the common scams to look out for and the top online shopping best practices to keep you safe. How To Make Online Purchases Safely Should you use your debit card to buy online? No! Debit cards are linked directly to your bank account. If you make a bad purchase online, it can be very difficult to get your money back once you’ve alerted your bank. To avoid headaches, hours on the phone arguing with customer support, losing money and, if things escalate enough, legal fees, use your credit card or a third-party payment system instead. Credit cards have extensive fraud monitoring systems, which can often catch discrepancies as they occur. These companies use statistical analysis and machine learning to track and analyze your transactions to quickly identify suspicious activity, allowing you to dispute the purchases and avoid being charged. Some credit card companies, like Capital One, go a step further to keep you secure by offering virtual credit cards. These cards provide you with a random 16-digit number, a three-digit CVV and an expiration date that you can use for online or even in-store purchases. While these DO connect to your real accounts, retailers are unable to see your actual card details, keeping your information secure. Bonus: These can be “turned off” at any time, eliminating the hassle of canceling unneeded subscriptions without going through the merchant. Third-party tools like PayPal are also a great option because no personal information is exchanged with the seller. The company you’re purchasing from does not receive your financial or banking information, keeping your data secure. Online Shopping Best Practices Using a credit card, virtual card or third-party payment tool is a great start, but it isn’t the only proactive step you should be taking to stay safe online. If you’re making purchases online, make sure you’re also: Shopping from real websites – Cybercriminals will set up fake websites that look exactly like big-name websites. Go to the REAL website and search for the item you’re looking for. Avoid too-good-to-be-true offers – If it sounds like a scam, it’s probably a scam! If you’re interested, go to the website and look up the deal to see if it exists. Do NOT click on promo links in e-mails – Cybercriminals will set up spoof e-mails mirroring your favorite brands. When you click on the offer links, they can infect your network. Use a VPN – This hides your location and web browsing information from snoopers. Don’t save your information – Password tools are trying to make your life easier by saving your payment information, but they make you more vulnerable to having it swiped. Use unique logins for loyalty accounts – Using the same e-mail and password combo for all your loyalty accounts means that if one is compromised, a smart hacker could break into all of them, and some will have your payment information available. Set up alerts – Go into your banking system and enable notifications. You can request to be notified when any purchases or purchases over a certain amount are made, so you can quickly report any suspicious activity. Cybercriminals will use any method they can to steal your information and money. To stay safe, you must take a proactive approach to protecting your financial information. This is equally true for your business. If hackers are willing to put this much effort into stealing money for low-dollar purchases, imagine what they would do to access your company accounts. Your customer data, employee information, trade secrets and more can be worth millions to them. If you’re not sure if your company is as secure as it should be or you just want to get a second set of eyes on your system to make sure there aren’t any holes in your security, we’ll perform a FREE Network Security Assessment for you. We’ll go through our multi-step security checklist and let you know if and where cybercriminals can get into your network. Click here to book your FREE Network Security Assessment now or call our office at 774-241-8600.

The Safest Way To Shop For Mother’s Day Online Read More »

Cyber-Attack Takes Omni Hotels & Resorts Offline; Here’s How To Travel Safely

Another day, another cyber-attack! In early April, Omni Hotels & Resorts was the victim of a cyber-attack that brought down the entire IT system and led to a company-wide outage. The organization took immediate action and brought the entire network offline to isolate the issue, protect its data and prevent further damage from occurring. Unfortunately, this process heavily impacted the hotel’s operations and day-to-day functions, such as managing reservations, unlocking hotel room doors manually and using point-of-sale (POS) systems in restaurants and shops within the hotel. Some estimates expect this attack to cost the Omni over a million dollars. While unconfirmed by the hotel, several sources speculate that the type of cyber-attack was a ransomware attack similar to what happened to MGM in Las Vegas several months ago. While most customers were aware of the inconveniences of the Omni outage, many weren’t aware of the dangers associated with cyber-attacks. When a network is compromised, unless you have high-grade tools to protect you, every device you connect to is put at risk. When you’re traveling, it’s important to treat everything like a risk to ensure your safety. In today’s article, we’re sharing a couple of tips to keep you safe when you’re on the road for work or even on vacation this summer. These tips will help protect you, but if you travel for work or have employees who travel for work, it’s important that all work devices have professional-grade cybersecurity tools installed on them. You don’t want to send your sales team to a hotel-hosted trade show, and instead of bringing back a list of leads, they bring back malware that could shut down your company altogether. There is one final lesson in this terrible incident that all business owners need to understand: No matter the size of the company, you can still be the victim of a cyber-attack. The Omni chain, which boasts over 50 properties nationwide, would likely have a large budget to defend itself from cyber-attacks and yet still fall victim to hackers. No system is 100% impenetrable, but small business owners who don’t have any security measures in place are putting a big red target on their backs. If you don’t have a cybersecurity system in place, or if you do and someone else is managing it but you’d like a second opinion, we offer a FREE Security Risk Assessment. This assessment will go over every area of your network to identify if and where you are vulnerable to an attack and propose solutions to fix it. Click here to book your Security Risk Assessment with one of our cybersecurity experts, or call our office at 774-241-8600.

Cyber-Attack Takes Omni Hotels & Resorts Offline; Here’s How To Travel Safely Read More »

What Is Bad IT Support Costing Your Business?

In our technology-driven world, efficient IT support is the backbone of any successful business. From ensuring seamless operations to safeguarding sensitive data, reliable IT services are crucial for maintaining productivity and protecting your bottom line. However, not all IT support is created equal, and the cost of settling for subpar services can result in expensive consequences for your business. Bad IT service can negatively affect employee productivity, customer happiness and operational efficiency and quickly eat into your profits. In this blog post, we’ll explore some of the hidden costs of bad IT support and how it could be impacting your business in ways you might not have considered. Unresolved Recurring Issues IT issues that aren’t properly resolved are like untreated wounds that fester over time. For example, one person’s poor password habits can become a company-wide issue that later results in an expensive ransomware attack when a hacker finds a weak link. Recurring IT issues also drain company resources. Without addressing the root cause of the issues, the problems will persist, leading to ongoing costs. Sloppy Systems And Processes Your IT team can take tasks off your plate, like getting new employees access to the files, software and programs they need to do their job and revoking access when an employee leaves the company. If the procedures are not followed or outlined properly, your company’s processes will not run as efficiently as they should, costing you time and money, and it could open up big security risks to your company. Unexpected Downtime Operational inefficiencies aside, what’s the cost if you CAN’T do business? Not just the loss of potential sales, but the cost of employees sitting stagnant, staring at the wall and scrolling on their phones while your IT guy is trying to get your network back up. If you have 20 employees at an average pay of $25 an hour and your system is down for three hours, you might as well light $1,500 on fire. Now, what if this is happening one, two, even three or more times a month? Add in the potential loss of sales and fees for emergency IT support, and the total for each outage will quickly add up to a sizable chunk of change you’re letting fall right through your pocket. Security Breaches If a negligent or inexperienced IT professional leaves gaps in your security system, you could be vulnerable to a cyber-attack. There is no limit to what this could cost your business if client data or financial data is leaked, stolen or exploited. Legal fees, fines and downtime from cyber-attacks have put thousands of companies out of business because the owners weren’t able to get out from under them. It is critical to the future of your business that you work with an IT professional who knows what you need to be compliant in your industry and secure from the latest threats. These issues are only the tip of the iceberg. If you’d like us to take a closer look at what you’re getting for what you’re paying, to make sure you’re not exposed to risks and are operating as efficiently as possible, we’re happy to do so. To schedule a free 10-minute discovery call to see how we can get rid of your tech issues once and for all, go to www.centrend.com/contactus or call us at 772-241-8600.

What Is Bad IT Support Costing Your Business? Read More »

Scroll to Top