You’ve probably heard by now that over 50 million Facebook users’ private information had been stolen by Cambridge Analytica during the 2016 presidential campaign. Here’s a summary of the story:
Since the exposure of this story, users around the world have been anxious to learn what information a data beast like Cambridge Analytica could have accessed after accessing the social platform giant.
I’m here to report that Facebook has an incredible memory and downloading my own Facebook data was not only a walk down memory lane but also terrifying. I have been a member of the site since 2007 and was presented with an insane amount of personal details that have been collected on my behalf over the last 11 years.
As you can see, it not only leaves space for contact information but my family is detailed along with an extensive work history to which is actually saved “privately” on my profile. Apparently “private” only meant that third parties and hackers could see it, not the general public.
In addition, phone numbers and email addresses of over 20,000 people I had come across in my 10 years of sales and recruiting had been stored, many of which belong to people not even on Facebook. This was all listed under the “Contact Info” and obviously scraped from my mobile devices.
Under the “Friends” tab, I was able to see a running tab of who I had connected with over the years, when I connected and when I disconnected as well! With an account constantly flexing around 5,000 friends, the list in its totality under this tab included over 7,400 people.
The “Messages” tab was also surprising. If “de-friending” someone wasn’t enough to remove them from my data archive “Friends” tab, it certainly wasn’t enough to remove the messages either. Every conversation that I had encountered over the last 11 years from friends, strangers, exes and otherwise all reappeared and were obviously accessible to third parties and hackers.
But still, it gets crazier!!
When it came to the companies targeting me based on my preferences under the “Ads” tab, I was really surprised to find so many brands that I had never directly reached out to. After a little online research, I found this article by the Washington Post that outlines 98 touch points Facebook uses to connect us to their paid advertisers. It’s important to note as well, one of my male colleagues had a few surprising advertisers collecting his data: Rod Stewart, Sally Beauty and Cyndi Lauper. (He said he’s not a fan of any of those brands.)
There were over 1000 companies in this list for me.
But Facebook doesn’t consider this exposure a hack or even a “data breach”. They will go as far as accepting that this was a “breach of trust” but that’s where their ownership stops.
Deputy general counsel Paul Grewal released a statement on Saturday writing that “the claim that this is a data breach is completely false” because the researcher got consent from everyone involved. Andrew “Boz” Bosworth, Facebook’s former vice president of ads, took a similar stance.
So many of us are left asking, “Is it time to delete our Facebook accounts?”. Some brands went noticeably offline this weekend, deleting their Facebook pages, even igniting a #deletefacebook movement, but is it necessary?
Not really. There are plenty of ways we can start protecting our privacy more than ever. Check out this article for some easy “Spring-Cleaning” tips to a safer online experience.
If you would like to download your own data, (and I think you should) follow the simple steps offered in your Facebook Privacy Settings:
On Monday, February 12th, TheHackerNews reported that the Pyeongchang Winter Olympics taking place in South Korea was disrupted following a malware attack before and during the opening ceremony on Friday. Travis Day of ARRC Technology stated in response to the attack, “It is a DDoS (distributed denial of service) and is common for large scale events like the Olympics. The new threat on the rise is cryptojacking and its replacing ransomware on the threat landscape as explained in a recent article with Wired.com.”
The cyber attack coincided with 12 hours of downtime on the official website for the Winter Games, the collapse of Wi-Fi in the Pyeongchang Olympic stadium and the failure of televisions and internet at the main press center, leaving attendees unable to print their tickets for events or get venue information.
The Pyeongchang Winter Olympics organizing committee confirmed Sunday that a cyber attack hit its network helping run the event during the opening ceremony, which was fully restored on 8 am local time on Saturday—that’s full 12 hours after the attack began.
Multiple cybersecurity firms published reports on Monday, suggesting that the cause of the disruption was “destructive” wiper malware that had been spread throughout the Winter Games’ official network using stolen credentials.
Dubbed “Olympic Destroyer” by the researchers at Cisco Talos, the wiper malware majorly focuses on taking down networks and systems and wiping data, rather than stealing information.
The Talos researchers would not comment on attribution, but various security experts have already started attributing the Olympic Destroyer malware to hackers linked to either North Korea, China or Russia.
According to the analysis by Cisco Talos, the attacker had intimate knowledge of the Pyeongchang 2018 network’s systems and knew a “lot of technical details of the Olympic Game infrastructure such as username, domain name, server name, and obviously password.”
“The other factor to consider here is that by using the hard-coded credentials within this malware it’s also possible the Olympic infrastructure was already compromised previously to allow the exfiltration of these credentials,” researchers said.
The Olympic Destroyer malware drops two credential stealers, a browser credential stealer and a system stealer, to obtain required credentials and then spreads to other systems as well using PsExec and Windows Management Instrumentation (WMI), two legitimate Windows administration tools used by network admins to access and carry out actions on other PCs on a network.
Once installed, the malware then first deletes all possible “shadow” copies of files and Windows backup catalogs, turn off recovery mode and then deletes system logs to cover its tracks and making file recovery difficult.
“Wiping all available methods of recovery shows this attacker had no intention of leaving the machine useable. The sole purpose of this malware is to perform destruction of the host and leave the computer system offline,” reads the Talos blog post.
It’s difficult to accurately attribute this cyber attack to a specific group or nation-state hackers due to sparse of technical evidence to support such a conclusion as well as hackers often employing techniques to obfuscate their operations.
Here are the more advanced threats that can harm your company, and why an MSP is your best option.
According to Google, malware (short for “malicious software”) is software that is intended to damage or disable computers and computer systems. It can include phishing threats, viruses, ransomware, spyware, etc. Back in the day, malware was very simple. Many attacks came from curious hackers who weren’t out to make money but just to see what they could do. Nowadays, with ransomware and other digital money-making opportunities, malware has become exponentially more vicious. As technology rockets forward, so do the cyberthreats. And the more advanced malware gets, the less likely you can fight it on your own.
How an MSP protects you: Think of an MSP as your own digital army. Now your business is protected by consistent monitoring and professionals who can fight those cyber-battles for you. You won’t have to worry about whether or not you’re keeping up with the latest in cybersecurity because your network is protected at all times. Partnering with an MSP takes the worry out of your mind and allows you to focus on your business, not your technology.
Hand-in-hand with malware, hackers are the human component behind cyberattacks. Someone has to program that evil bot, right? Now that there’s some serious money to be made in the hacking business, everyone with half a brain is trying to get into it. And with heavy competition like that, it’s a perfect environment to breed rockstar hackers. And the bad news is, the more advanced they get, the more help the average business owner will need to protect themselves.
How an MSP protects you: Just like with malware, having an MSP partner takes the stress off your shoulders. With your network being monitored 24/7, any kind of attack will be spotted before it can do damage. And, even better, your network won’t have the common vulnerabilities that most do. The usual holes that hackers exploit won’t exist in your network, meaning your business flies under the radar of most attacks. Your equipment will be updated, your software will be patched regularly, your network will be solidified, and you can sleep easy at night knowing your company is safe.
If you missed what a Managed Service Provider is, check it out before you take a deeper look into how an MSP protects your company. If you missed Part 1: Hardware and Software, have no fear. You can read it and pop back here.
Now, let’s get into how partnering with an MSP protects you from the human element.
Sometimes, crime revolves around opportunity. If you have an open-door policy at your business, it makes it easy for an everyday criminal to waltz inside. And once inside, they can poke around computers that aren’t locked or secured. All it takes is a couple of minutes, searching on an unattended computer for things like “Financial Records” or “Credit Card.” A crime of opportunity happens in an instant, and that criminal can walk away with a sheet of credit card numbers or bank statements.
How an MSP protects you:MSPs are well-versed in things like simple security, such as requiring all workstations to be secured with individual passwords. Once an MSP has audited your network, they can find where you are most vulnerable, and take the necessary measures to prevent unauthorized use of computers and wireless internet. On top of that, most MSPs can assist your company in becoming PCI compliant, which means all the credit card information you have on file isn’t accessible to the naked eye. So even if someone were able to access a computer at your business, they couldn’t download a sheet with full credit card numbers anyway.
You probably hire your employees based on their ability to perform the specific job you listed, right? And I’m sure they do a fine job. But unfortunately, a lot of them don’t come equipped with the right cybersecurity skills. No, we’re not talking about certified technical skills, but the basics of staying safe online. All it would take is Jim in accounts payable clicking on an unsafe link from an email and your sensitive financial information is in the hands of cybercriminals. As humans, we can’t know everything. The good news is, all it takes is a little education and your employees will turn from the weakest link to your strongest asset.
How an MSP Protects You: Some MSPs host either on-site or off-site training classes for employees. They’re basic and simple but make a huge difference in your cybersecurity plan. By simply showing employees how to spot a phishing email or what digital hygiene looks like, they’re less likely to endanger your network. ARRC Technology hosted several cybersecurity training events on-site, and continues to look for new ways to educate businesses in the Bakersfield area.
The dark side of the normal employee is the rare vindictive employee. This employee is the one who had a bad attitude all along and once they were fired, decided to take all their worldly wrath out on the company. Vindictive employees are very dangerous, mainly because they have access to company records. Without the proper off-boarding procedure, vindictive employees may have access for days, months, or even years to the company network. And sometimes, depending on how sour they are, they can delete or modify records before they’re caught.
How an MSP protects you: MSPs have ample experience with the correct onboarding and offboarding procedures, exact times and all. In layman’s terms, this means those new employees have access to what they need the first day they start work, and employees that are fired or laid off have all access removed the moment they’re told. This eliminates the possibility of an angry employee stalking back to their desk, downloading sensitive information, and walking out. Or even going home, logging into their workstation remotely, and destroying information. Utilizing the proper strategy to make sure that never happens is critical to protecting your business.