
Tag: Cyber Attacks

Why Exchange 2010 Users Can’t Afford to Delay Their Software Upgrades – and How MSPs Can Help

By David Mills, Director of Product Management, BitTitan

It’s been a decade since the 2009 release of Exchange Server 2010, which means the lifecycle for this Microsoft product is soon coming to an end. Microsoft recently extended the end-of-support date, originally scheduled for January 14, 2020, to October 13, 2020. This may be welcome news for businesses still relying on Exchange 2010, but it should also serve as a wake-up call: the time to upgrade is now.

In announcing the end-of-support deadline extension, Microsoft stated it was doing so “to give Exchange 2010 customers more time to complete their migrations.” These migrations require a considerable amount of time and planning to successfully deploy and complete – and keeping the project on schedule is a task in itself. Businesses should not delay their upgrades, as there are serious ramifications, and Microsoft will not extend the deadline again.

This is where it is critical for managed service providers and IT professionals to step in and advise their clients of the necessary upgrades they need to make. Doing so is a win-win for IT pros and their clients, as it builds trust, ensures the health of a customer’s business remains strong and enables continued business growth for all parties.

The Potential Risks

So, what are the risks businesses face if they don’t upgrade their software? There are quite a few. During a product’s lifecycle, Microsoft provides a substantial number of new features, bug fixes and security updates. Once the end-of-support deadline passes, Exchange 2010 users will not receive technical support from Microsoft for issues that may occur. They will not receive bug fixes for issues that affect the usability of their server. They won’t receive security patches for vulnerabilities that are found. These businesses will face an increased risk of data breaches and malicious cyberattacks. In addition, depending on the compliance regulations of their industry, these businesses may face legal issues for falling out of compliance.

It’s a harrowing outlook, but the good news is there are practical courses of action businesses can take to remedy their situation.

The Most Viable Solutions

Primarily, there are two options that are most ideal for organizations looking to upgrade. For those considering a full transition to cloud technologies, a fitting course of action may be an upgrade to Exchange Online/Office 365. Taking this approach is typically the most reliable and ensures that users will receive regular software updates from Microsoft. End users will have the latest feature enhancements provided in the cloud Office suite. From Microsoft’s perspective, this is likely the preferred route, though subscribers must be vigilant of price increases.

However, not all businesses are ready to abandon on-premises systems just yet. For those that require on-prem hardware, upgrading to Exchange Server 2016 or 2019 may be the way to go. This option offers businesses more control over their email data, as well as a breadth of backup and recovery options for their workplace systems. It must be noted that businesses migrating from Exchange 2010 to Exchange 2019 must conduct a “double-hop” migration, first migrating to Exchange 2013 or 2016. This can seem like a tedious step to add to an already complex process. Employing a third-party migration tool – such as BitTitan’s MigrationWiz – can eliminate this step and afford the ability to migrate directly to Exchange 2019.

Taking a Broader Approach

There is another wrinkle as to why now is an important time to facilitate migrations for customers: Exchange 2010 isn’t the only product that Microsoft will no longer support in 2020. An end-of-life deadline is set for Windows 7 on January 14, 2020. Nine months later, Microsoft will discontinue support for both SharePoint Server 2010 and Office 2010 on October 13, 2020. That’s a considerable number of products reaching their lifecycle end in a short amount of time – and it creates an opportune timeframe for MSPs to potentially bundle migration projects for customers.

MSPs and IT pros can delve into larger workplace upgrades and digital enhancements for clients. They can potentially explore overseeing multiple upgrades for these products at once and ensure that a stable and secure workplace plan is established for the long term.

For IT pros and their clients, staying on top of the end-of-support date goes beyond simply upgrading software. By not making the necessary upgrades, the health and well-being of a customer’s business is at stake. Making sure clients are running software and relying on workplace systems that are appropriately upgraded, secure and compliant eliminates these threats and vulnerabilities. It ensures that business for both IT pros and their clients continues to successfully hum along.

Bio

David Mills is Director of Product Management at BitTitan, driving product strategy, defining product roadmaps and ensuring customer success. David is an experienced product management leader with more than two decades of industry experience. Prior to BitTitan, he worked as a principal consultant at PricewaterhouseCoopers, a product manager at Microsoft and director of product management at Avanade. His areas of expertise include product planning, cloud infrastructure and applications, and marketing communication.

Small and Medium Businesses Are More Vulnerable to Cyberattacks

Tips for Small Businesses on How to Enhance Cybersecurity

By Daniel Markuson, Digital Privacy Expert, NordVPN

According to the study conducted by the Ponemon Institute, only 28% of small and medium businesses mitigate cyber threats, vulnerabilities and attacks effectively. The study revealed that nearly half of the companies have no understanding of how to protect their data, finances, employees and customers against cyberattacks.

However, small businesses may often be even more attractive targets for hackers than larger enterprises. Here are some of the reasons:

  1. The owners of valuable data. Contrary to what most of the small companies may think, they do have useful data for hackers. It can be anything from financial information that can be used for fraud, to the personal details valuable for identity theft.
  2. The path to other companies. Often hackers target small companies for easy access into larger enterprises. It can also be a path into the data of many other small businesses.
  3. Easy to hack. Small businesses often lack adequate cyber-defenses, so they are frequently much easier to hack compared to larger enterprises. There are usually no security personnel and technology in place, so it’s also more challenging to detect an attack when it occurs. Effective handling of cyber threats is impossible without a strategy and strict policies applied to all employees.
  4. More difficult recovery. Every small business has computer-based data it needs to operate. Unfortunately, few can recover from an attack independently, and a cyberattack might be the end of the road, especially for a small business. Therefore, small business owners are more likely to pay ransoms.

Ransomware and spear-phishing attacks are the most common cybercrime tactics used against small businesses. The first one blocks access to a computer or mobile phone until the attackers receive a ransom payment. The second one is an email-spoofing attack seeking unauthorized access to valuable information. There are hundreds of different ways to harm any enterprise, its employees or customers. Some of the most common methods don’t even require advanced technological knowledge. For example, social engineering schemes are easy to launch and effective.

Simple tips for small business owners to boost cybersecurity

Do regular backups. Regular backup of your data in a secure location – offsite and offline – is essential. It helps to protect yourself from a ransomware attack. For small businesses with less sensitive data, even external hard drives might be enough. For more significant comfort, consider special paid backup security services (don’t trust free ones).

Secure all your smart devices. Cybersecurity is not limited to your smartphone, tablet or computer. These days, even printers and TVs are connected to the internet, so make sure these are secure as well. If the password and even username are insecure, change them. Additionally, restrict admin privileges to your networks and accounts. Each team member must have their personal credentials with an assigned role. This way you will always know who made a mistake.

Secure all your data. Encrypting your data makes it more difficult to exploit or hijack. A reliable and reputable VPN service provider, like NordVPN, SurfShark or ProtonVPN, can encrypt the online traffic of all your employees. This ensures that your data is safe when they need to access it. Many small business owners and employees work at office hubs or at home, so their data gets sent through unsecured channels. A reliable VPN can fix this problem. Of course, don’t forget that you need an antivirus and a strong firewall.

Educate your team members. It is essential to cultivate the secure mindset of every employee. Keep your team members informed about the dangers of downloading attachments or clicking on links from unknown sources. Make sure to educate them about social engineering tactics, latest hacks and phishing attacks. You can use an online cybersecurity test to understand how much your employees know about digital security.

Always update your devices. Don’t forget to update your computers, tablets, smartphones and other devices regularly. Do the same for software. New updates fix security vulnerabilities and system bugs that could cause insecure situations. Make sure to update your firewalls and antivirus.

Create a strong password. Use unique passwords for different accounts or devices. Make sure to create strong passwords and change them every three months. It’s also crucial for your company to have a strict password policy and ensure that all employees comply with it. Additionally, share some tips with your colleagues on how to create strong and reliable passwords.

An average data breach costs $3.92 million, and that’s a heavy burden on small and medium enterprises. Leaks drive away clients, plus companies end up paying millions in fines and compensation. Even though cyberattacks often target SMEs, the media focuses only on the big hacking scandals. That’s why small company owners tend to think only of major corporations with vast amounts of valuable data as the primary targets. Consequently, SMEs often do not take the most basic steps to protect their digital resources. It’s time to understand that your business’s security is in your own hands.

Bio
Daniel Markuson is a Digital Privacy Expert and Internet security enthusiast at NordVPN. Daniel is generous with spreading news, stories and tips on how to stay secure in the fast-changing digital world.

Alert Logic Report Reveals Wealth of Vulnerabilities for SMBs

By Rohit Dhamankar, Vice President, Threat Intelligence, Alert Logic

When it comes to incorporating strong cybersecurity hygiene into their practices, small and midsize businesses (SMBs) sometimes don’t realize how susceptible they are to cyber attacks. They read the latest news about a big-name organization getting hacked and conclude that this would never happen to a “small fish” company like theirs.

But they are mistaken.

Due to increasingly automated attack methods, cyber adversaries aren’t distinguishing between “big” and “small” fish anymore. They’re targeting vulnerabilities, with automation that empowers them to cast a wide net to cripple SMBs and large enterprises alike. New research from Alert Logic indicates that lack of awareness may be leading to a wealth of exposures for SMBs: A clear majority of their devices are running Microsoft OS versions that will be out of support by January 2020, and most unpatched vulnerabilities in the SMB space are more than a year old.

What Alert Logic’s New Findings Really Say

These and other findings from the Alert Logic Critical Watch Report 2019 should serve as an eye-opener for SMBs. Our analysis was based on 1.3 petabytes of data from more than 4,000 customers, including data from 2.8 million intrusion detection system (IDS) events and 8.2 million verified cybersecurity events. Here are highlights from the report that illustrate the most significant challenges we found:

Digging into the Numbers

More than 66 percent of SMB devices run Microsoft OS versions that are expired or will expire by January 2020. There’s little representation, in fact, of the current Windows Server release – 2019 – among this group and the majority of devices run Windows versions that are more than ten years old. Even if not exposed to the internet, these versions make it easy for attackers to move laterally within systems once they compromise a host.

Three-quarters of the top 20 unpatched vulnerabilities in the SMB space are more than a year old. Even though automated updates have improved software patching, organizations struggle to keep up the pace. The use of open source software – a common technique for building software projects efficiently – complicates the patch cycle, especially when the open source software is embedded. To uncover and reduce the vulnerabilities left by unpatched code, organizations must invest in third-party validation of the efficacy of the update process in their software development life cycle (SDLC) while conducting regular vulnerability scans.

Security Challenges SMBs Face

Weak encryption continues to create headaches, accounting for 66 percent of workload configuration problems. Unfortunately, many SMBs simply implement a default encryption for a particular app. Defaults were typically defined when older encryption protocols were still considered safe but might no longer be. It’s not surprising then that our research found that 13 encryption-related configuration flaws are leading to 42 percent of all security issues found.

Nearly one-third of the top email servers run on Exchange 2000, which has been unsupported for nearly 10 years. Email is the life blood of most businesses, so SMBs place their operations, sales and other critical functions at risk if they encounter newly identified vulnerabilities for which there are no available patches.

The three most popular TCP ports – SSH (22/TCP), HTTPS (443/TCP) and HTTP (80/TCP) – account for 65 percent of all vulnerabilities. Internal security teams should regularly scan ports to determine weaknesses and firewall misconfiguration issues, as well as whether unusual, possibly harmful services are running on systems. In addition, they need to close ports that are no longer in use; install firewalls on every host; monitor and filter port traffic; and patch and harden any device, software or service connected to ports.
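One way to run the host-side part of that port review, as an added example that is not from the original article or from Alert Logic: it parses Linux `ss -H -tln` output and compares listeners reachable beyond loopback against an allowlist. The sample output and the `ALLOWED_EXPOSED` policy are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -H -tln` output (Linux); not from the original article.
SAMPLE_SS = """\
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      511          0.0.0.0:443        0.0.0.0:*
LISTEN 0      511          0.0.0.0:80         0.0.0.0:*
LISTEN 0      244        127.0.0.1:5432       0.0.0.0:*
LISTEN 0      5            0.0.0.0:23         0.0.0.0:*
LISTEN 0      128             [::]:22            [::]:*
LISTEN 0      80                 *:3306             *:*
"""

# Hypothetical policy: ports this host is expected to serve on non-loopback addresses.
ALLOWED_EXPOSED = {22, 443}


def parse_listeners(ss_output):
    """Return a sorted list of (address, port) for each LISTEN socket."""
    listeners = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # skips a header row or blank lines
        addr, _, port = fields[3].rpartition(":")
        addr = addr.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
        listeners.add((addr, int(port)))
    return sorted(listeners)


def is_loopback(addr):
    """True only for loopback binds; '*' and unparsable values count as exposed."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False


def audit(ss_output, allowed=ALLOWED_EXPOSED):
    """Return (exposed ports not in the allowlist, allowlisted ports not listening)."""
    exposed = {port for addr, port in parse_listeners(ss_output) if not is_loopback(addr)}
    return sorted(exposed - allowed), sorted(allowed - exposed)


if __name__ == "__main__":
    unexpected, missing = audit(SAMPLE_SS)
    print("close or justify:", unexpected)
    print("allowlisted but not listening:", missing)
```

Ports in the first list are candidates to close or to document; a wildcard bind (`0.0.0.0`, `[::]`, `*`) is treated as exposed even when a firewall may filter it, so the result should be read alongside the firewall rules.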

Half of systems are running a version 2.6 Linux kernel, which has been out of support for more than three years. There are at least 69 known vulnerabilities for this kernel level, with many relatively easy to exploit. Kernels serve as the heart of an operating system, managing hardware, memory, apps, user privileges and an assortment of other key functions/components.

What to Think About Next

An obvious answer for SMBs is to inventory their cyber ecosystem and replace systems that have outlived support. But this is impractical for many. Resource constraints and inability to scale often prevent SMBs from upgrading and they struggle to apply best practices in patching, hardening and cyber hygiene. These organizations don’t have to go it alone, however, and can partner with security providers who offer strong but cost-conscious options to provide needed threat visibility, intelligence and security and compliance experts. With this support, SMBs can better defend existing infrastructure while addressing security challenges that occur during upgrades or migrations to the cloud.

Bio
Rohit Dhamankar is vice president of threat intelligence products at Alert Logic. Dhamankar has over 15 years of security industry experience across product strategy, threat research, product management and development, technical sales and customer solutions. Prior to Alert Logic, Dhamankar served as vice president of product at Infocyte and founded consulting firm Durvaanker Security Consulting. He holds two Master of Science degrees – one in physics from The Indian Institute of Technology in Kanpur, India and one in electrical and computer engineering from University of Texas – Austin.