Recent Blog Posts

Today, we?ve compiled some statistics that give these threats context, as well as a list of some of the most devastating hacks from the first half of 2018. Hopefully, these lists will put into perspective just how important building a network security strategy is for your company. Here are some statistics to help reinforce just how important cybersecurity is: In 2017 over 130 large-scale breaches were reported, a 27 percent increase over 2016. Nearly 1-in-3 organization have experienced some sort of cyberattack in the past. Cryptojacking (stealing cryptocurrency) increased 8,500 percent in 2017. 100,000 organizations were infected with the WannaCry ransomware (400,000 machines). 5.4 billion WannaCry attacks were blocked in 2017. The average monetary cost of a malware attack is $2.4 million. The average time cost of a malware is 50 days. Ransomware cost organization?s over $5 billion in 2017. 20 percent of cyberattacks come from China, 11 percent from the United States, and six percent from the Russian Federation. Phone numbers are the most leaked information. 21 percent of files are completely unprotected. 41 percent of companies have over 1,000 sensitive files left unprotected. Ransomware is growing at 350 percent annually. IoT-based attacks are growing at about 500 percent per year. Ransomware attacks are expected to quadruple by 2020. 7.7 percent of web requests lead to malware. There were 54 percent more types of malware in 2017 than there were in 2016. The cybersecurity market will be worth over $1 trillion by 2025. If that isn?t scary enough, below are some of the attacks that have taken place in 2018. We?ve broken them down into public (individuals, governments, etc.), and private (businesses). Keep in mind all these events took place before the calendar turned to July: Public January The Department of Homeland Security was affected by a data breach that exposed information about 247,167 current and former employees. March Atlanta, Georgia was targeted by a ransomware attack called SamSam. This resulted in a massive problem for their municipal infrastructure. The ransom price given was $51,000, but Atlanta?s leadership refused to meet these demands. Overall, the numbers show that Atlanta has spent more than 10 times that number in the fallout of the attack. Some estimates place the actual cost of this event at nearly $20 million. India?s national ID database, Aadhaar, leaked data of over a billion people. This is one of the largest data breaches in history. A user could pay 500 rupees, equal to about $7, to get the login credentials that allowed anyone to enter a person?s 12-digit code for their personal information. For 300 rupees, or about $4.20, users could also access software that could print an ID card for anyone associated with the database. Cambridge Analytica, a data analytics company that U.S. President Donald Trump used to help his campaign, harvested personal information from over 50 million Facebook users without asking for their permission. Facebook hasn?t called this a data breach, but Cambridge Analytica has since been banned from using the service thanks to this event. June A hack of a U.S. Government-funded active shooter training center exposed the personal data of thousands of U.S. law enforcement officials. This also exposed which police departments aren?t able to respond to an active shooter situation. Private January 280,000 Medicaid records were exposed when a hacker attacked […]

At first glance, you might think that implementing an enterprise-level security solution for your small business might be overkill. After all, you?re a small business–not a large enterprise with a target on its back at every turn. Unfortunately, the reality of this situation can?t be farther from the truth. Because you?re a small business, hackers know that you might not invest in security solutions, whether it?s simply because you don?t want to or because you can?t afford to do so. This makes them more inclined to target you. Consequently, one can see the importance of running security measures to keep threats at bay. It?s hard to argue that preventative measures aren?t beneficial to the security of your business, and as far as keeping threats out of your infrastructure, you can?t go wrong with an enterprise-level firewall, spam protection, and content filtering solution. But where a lot of organizations get hung up on is antivirus, particularly because they might be under the impression that an antivirus solution doesn?t yield a return on investment unless your organization does indeed suffer from a data breach. This isn?t necessarily the right way to look at antivirus? ROI, though. To determine how much ROI an antivirus solution presents for your organization, consider what it does. It eliminates or quarantines threats on your network that would otherwise multiply and spread threat influence across your network (or beyond). When businesses suffer from a data breach, the initial infection is merely the inciting event. If a threat lingers, it can potentially deal a critical amount of damage or infect multiple devices, making it even more difficult to get rid of. The costs of dealing with a data breach are no joke, as your organization could pay a ludicrous amount of capital in reparations toward those who are affected, all while trying to keep operations moving forward and paying for any breaches of compliance that may have resulted from the attack on your business. It?s clear that in the face of a data breach, it?s critical to nip the attack in the bud before it causes more damage than it needs to. This is where antivirus solutions come in. If a threat is detected on your network, it?s immediately captured and eliminated or quarantined, limiting the scope of its influence on your infrastructure, all while limiting the amount you?ll have to pay out as a result of said breach. Paying for the solution to simply exist is much more manageable than shelling out countless dollars in the face of an attack, making antivirus all the more appealing as a preventative measure, even if it?s never used. Your business can take full advantage of antivirus solutions today by giving White Mountain IT Services a call. We can help you implement only the most dynamic and responsive solutions for your business? network security. To learn more, reach out to us at (603) 889-0800.

Tech support scams are only too common, as blending phishing with social engineering has proven to be an effective means of scamming users. Today, our tip will cover how to recognize some of these scams so that they may be avoided? but first, it is important to recognize that scams like these are a serious problem everywhere, and not just for those targeted. An Issue Around The World These scams target users all over the world, although the impact is most clearly felt by users in China, India, and the United States. Regardless, other regions are also subjected to tech support scams – and India gets hit with a double-whammy. The service-and-support-rep-in-India stereotype has its roots in a truly unfortunate reality. The level of competition in the job market is astronomical in India, especially for the generation that should be entering the workforce right about now. For example, a state-owned bank received over one and a half million applications for just one and a half thousand job openings. This job shortage affects even those with high qualifications. Someone could have a Master?s degree in business administration and have to fight for a position as a street sweeper. Circumstances like these make any job opportunity to inherently be too good to pass up, even if your work comes at the expense of others. Indian call centers use these circumstances to their advantage, using a secretive and convoluted process to hire those young people in search of a job, often not even revealing the identity of their employer. Applicants are often charged money for their attendance at interviews and job trainings, only being given a start date if they are accepted. Many of these positions, however, are not the customer support jobs that were expected. Instead of providing customer service, these recruits are used as the initiators of a scam. They call their target and deliver the scam?s pitch, whatever it may be, and send their newly terrified connection to a senior scamming employee who ends the scam. These workers are soon stuck in an unenviable position: their pay is usually terrible and the emotional burden significant, yet there aren?t really any other avenues to make money in the overburdened job market. As a result, it isn?t long before these scammers, themselves exploited, embrace their position and apply themselves to exploiting others simply to fulfill their need to survive. Spotting Scams Unfortunately, even if you feel for the person on the other end of a scam call, you need to protect yourself and your business from their influence. To do so, you need to be able to identify these scams. Below are a few tips for doing so: Who?s On the Line? – Basic rule of thumb: if you get a call from someone claiming to be from ?Microsoft? or any other technology brand, it?s almost a sure bet that they aren?t. These organizations aren?t in the habit of reaching out to people first, despite what your (potentially spoofed) caller ID might tell you. Not Something You Want Linked to You – Scammers are also fond of using links, sharing them in an email to send the user to a website that displays plenty of falsified pop-up warnings. These links shouldn?t be clicked, and if you do inadvertently or are presented with […]

What You Need to Know About Faxploit Faxploit is a series of vulnerabilities found in all models of HP Officejet All-in-One printers that allows an attacker to hijack the printer using only a fax number. Once the attacker gains control of the printer, they can elevate privileges across the network and access data or spread malware, such as notorious threats like WannaCry, Cryptowall, and more. If your company?s fax number is listed publicly and you have an HP Officejet All-in-One printer, your network is at immediate risk. The vulnerabilities also apply to a massive list of other HP inkjet printers, including the HP Envy, HP Deskjet, HP DesignJet, HP PageWide Managed, HP PageWide Pro, HP Photosmart, HP AMP, HP Ink Tank, HP Smart Tank Wireless, and the aforementioned HP Officejet series. It?s Strongly Recommended That Patches Are Applied HP has released patches for these vulnerabilities and users are recommended to apply firmware updates. White Mountain IT Services clients who have a managed services agreement covering your network will be receiving these patches on an ongoing basis. If your business utilizes HP printers and you don?t have a managed contract or you aren?t sure if updates are being proactively applied, we strongly encourage you to immediately reach out to us to have your printers evaluated. It?s also likely that other devices on your network may be out of date, so fully auditing your entire network for outdated firmware and missing security patches is a good idea. It?s important to remember that everything can appear to be working fine, but the doors could be wide open for threats to sneak in. Additionally, White Mountain IT Services can help you proactively monitor and detect threats that attempt to breach your network using real-time, enterprise-level security solutions. With today?s cybersecurity landscape presenting increasingly massive threats to small businesses, doing all you can to protect your data is important. Call us today at (603) 889-0800 for more information.

How to Approach Your IT Spending It might seem like IT is simply another cost of doing business, but we urge you to resist the temptation to lump it in with resources like electricity and air conditioning. Instead, you should consider how your technology (and its current state of being) affect your organization in the grand scheme of things. If your technology doesn?t work properly, your employee morale could suffer, as well as productivity slowing to a halt. Your income could be affected as well, creating a major issue for your business. An IT budget needs to take a lot of information into account. There are countless costs that can be associated with information technology, and that?s without mentioning what it takes to train your staff to actually take advantage of these solutions. The right IT budget will also include even minor inconveniences that come from setbacks you could potentially increase. For example, are you paying too much for a multifaceted solution when in reality you only need one of its features? Are you throwing away money on unused solutions that could be better spent elsewhere within your organization? Even if you have technology solutions for your business, they are only as effective as the way you?re using them. Overall, you should consider your IT budget an investment. Some of it might be seen as a business expense, but overall, much of the spending will be dedicated to eliminating waste and unnecessary expenses. No matter how you see it, your IT should be used to put your business in a positive financial situation. Encouraging Financial Wellbeing with an IT Budget If you don?t know how to proceed with developing an IT budget, we?ve put together a list of topics to consider: Have a set budget for your IT: If you?re going to implement solutions, you should have a set budget for your IT that cannot be exceeded so as to preserve funds for other endeavors. Invest in business-enhancing solutions: Whether it?s boosting productivity or protecting against threats, you?re trying to improve your organization. Your IT budget should be dedicated to preserving this status-quo. Don?t shoot from the hip: If you?re not investing in IT properly, you could wind up in a nasty situation where your IT spending is actually holding you back. You should invest funds to where they need to go, but most importantly where they can make you more money. Does your business need help with managing an IT budget? White Mountain IT Services can help. To learn more, reach out to us at (603) 889-0800.